|
Tags: Manual revert Blanking |
| (5 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| [[Main Page|Home]] > [[Ubuntu]] > [[Ubuntu HPC setup with slurm and linux containers]] > [[Install slurmctld on master node]]
| |
|
| |
|
| = LDAP Client Setup on Ubuntu 22.04 =
| |
|
| |
| '''Note: This configuration must be performed on the following nodes: slurm-master (LXC), slurm-login (LXC), infra node, and both compute nodes.'''
| |
|
| |
| This section explains how to configure a system as an LDAP client to authenticate users from an external LDAP server (e.g., for Slurm clusters).
| |
|
| |
| == 1. Install Required Packages ==
| |
| <pre>
| |
| sudo apt install sssd-ldap ldap-utils
| |
| </pre>
| |
|
| |
| == 2. Configure SSSD ==
| |
|
| |
| Create the SSSD config file:
| |
| <pre>
| |
| sudo nano /etc/sssd/sssd.conf
| |
| </pre>
| |
|
| |
| Paste the following content (adjust domain and URI as per your environment):
| |
| <pre>
| |
| [sssd]
| |
| config_file_version = 2
| |
| domains = slurm-ldapsrv.local
| |
|
| |
| [domain/example.com]
| |
| id_provider = ldap
| |
| auth_provider = ldap
| |
| ldap_uri = ldaps://ldap.local
| |
| cache_credentials = True
| |
| ldap_search_base = dc=slurm-ldapsrv,dc=local
| |
| </pre>
| |
|
| |
| Set proper permissions and ownership:
| |
| <pre>
| |
| sudo chmod 600 /etc/sssd/sssd.conf
| |
| sudo chown root:root /etc/sssd/sssd.conf
| |
| </pre>
| |
|
| |
| == 3. Start SSSD Service ==
| |
| <pre>
| |
| sudo systemctl start sssd.service
| |
| </pre>
| |
|
| |
| == 4. Enable Home Directory Auto-Creation (Optional) ==
| |
| <pre>
| |
| sudo pam-auth-update --enable mkhomedir
| |
| </pre>
| |
|
| |
| == 5. Copy CA Certificate from LDAP Server ==
| |
|
| |
| Copy CA certificate from the LDAP server to the local machine:
| |
| <pre>
| |
| scp ubuntu@192.168.2.10:/etc/ssl/certs/mycacert.pem /usr/local/share/ca-certificates/mycacert.crt
| |
| </pre>
| |
|
| |
| Or (if already available locally):
| |
| <pre>
| |
| sudo cp /etc/ssl/certs/mycacert.pem /usr/local/share/ca-certificates/mycacert.crt
| |
| </pre>
| |
|
| |
| Update the certificate store:
| |
| <pre>
| |
| sudo update-ca-certificates
| |
| </pre>
| |
|
| |
| == 6. Restart SSSD Service ==
| |
| <pre>
| |
| sudo systemctl restart sssd
| |
| </pre>
| |
|
| |
| == 7. Verify LDAP Bind (Optional) ==
| |
| <pre>
| |
| ldapwhoami -x -ZZ -H ldap://slurm-ldapsrv.local
| |
| </pre>
| |
|
| |
| Expected output:
| |
| <pre>
| |
| anonymous
| |
| </pre>
| |
|
| |
| == 8. Switch to LDAP User and Change Password ==
| |
|
| |
| Log in as the LDAP user:
| |
| <pre>
| |
| su - <ldap-username>
| |
| </pre>
| |
|
| |
| Change the password:
| |
| <pre>
| |
| $ passwd
| |
| Current Password:
| |
| New password:
| |
| Retype new password:
| |
| passwd: password updated successfully </pre>
| |
|
| |
| [[Main Page|Home]] > [[Ubuntu]] > [[Ubuntu HPC setup with slurm and linux containers]] > [[Install slurmctld on master node]]
| |
