You can support us by downloading this article as PDF from the Link below. Download the guide as PDF

This is a guide on how to configure an Ubuntu 20.04|18.04 & Ubuntu 16.04 LTS servers to authenticate against an LDAP directory server. LDAP is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services.

I expect you already have a running LDAP server, if not, use our guides below to set it up:

How to Install and configure OpenLDAP on Ubuntu LTS

Once you have LDAP server configured and user accounts added, you can proceed to install and configure LDAP client.

Install and Configure LDAP Client on Ubuntu 20.04|18.04 & Ubuntu 16.04 LTS

Add LDAP server address to /etc/hosts file if you don’t have an active DNS server in your network.

$ sudo vim /etc/hosts
192.168.18.50 ldap.example.com

Install LDAP client utilities on your Ubuntu system:

sudo apt -y install libnss-ldap libpam-ldap ldap-utils

Begin configuring the settings to look like below

1. Set LDAP URI- This can be IP address or hostname

2. Set a Distinguished name of the search base

3. Select LDAP version 3

4. Select Yes for Make local root Database admin

5. Answer No for Does the LDAP database require login?

6. Set LDAP account for root, something like cn=admin,cd=example,cn=com

7. Provide LDAP root account Password

After the installation, edit /etc/nsswitch.confand add ldap authentication to passwd and group lines.

passwd: compat systemd ldap
group: compat systemd ldap
shadow: compat

Modify the file /etc/pam.d/common-password. Remove use_authtok on line 26 to look like below.

password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass

Enable creation of home directory on first login by adding the following line to the end of file /etc/pam.d/common-session

session optional pam_mkhomedir.so skel=/etc/skel umask=077

See below screenshot:

Test by switching to a user account on LDAP

[email protected]:~# su - jmutai
Creating directory '/home/jmutai'.
[email protected]:~$ id
uid=10000(jmutai) gid=10000(sysadmins) groups=10000(sysadmins)

That’s all. If you need advanced centralized user management platform, see

How to Install and Configure FreeIPA Server on Ubuntu 18.04 / Ubuntu 16.04

How to Configure FreeIPA Client on Ubuntu 18.04 / Ubuntu 16.04 / CentOS 7

How to Configure FreeIPA replication on Ubuntu / CentOS

You can support us by downloading this article as PDF from the Link below. Download the guide as PDF