Tuesday, December 4, 2012

LDAP+NFS+Kerberos on Ubuntu 12.04

I always wanted to have a setup in our teaching laboratories with the following requirements:
  1. A centralized authentication server where student accounts are stored.
  2. A remote server where user home directories are located.
Once a student has been authenticated by the authentication server, the remote home directory is mounted on the machine the student logged in to. This setup allows the student to access his/her files from any machine in the laboratory.

A good guide on how to achieve this is available here. Although I followed the steps presented in the guide, it took me a few days to make it work.

Figure 1. Topology

Server Machine
  • eth0: 10.0.4.x (via DHCP, provides Internet access)
  • eth1: 192.168.9.254  (local network)
  • server name: server9
  • domain name: server9.pclab9.ics.uplb.edu.ph
Some tips:
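  • If a "Permission denied." error occurs when creating or editing files, remove the "sec=krb5" option from the NFS settings (both in /etc/exports on the server and in /etc/auto.home on the client). Without that option the export falls back to the default sec=sys, so NFS access is no longer authenticated with Kerberos and the server trusts the UID sent by the client.
  • In order for users to log in to Unity, install the nscd package.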
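
The first tip trades Kerberos-protected NFS for working file access, so it helps to know afterwards which entries are no longer Kerberos-only. The following check is an added example, not part of the original post or the guide it follows; the sample file contents, export paths and the `guest` key are constructed, and only the server name is taken from the post.

```python
KRB = {"krb5", "krb5i", "krb5p"}
# Constructed samples of /etc/exports and /etc/auto.home (assumed layout).
SAMPLE_EXPORTS = """\
/export       192.168.9.0/24(rw,fsid=0,sync,no_subtree_check,sec=krb5)
/export/home  192.168.9.0/24(rw,sync,no_subtree_check)
/export/pub   *(ro,sec=sys:krb5p)
"""
SAMPLE_AUTO_HOME = """\
*      -fstype=nfs4,rw,sec=krb5  server9.pclab9.ics.uplb.edu.ph:/home/&
guest  -fstype=nfs4,rw           server9.pclab9.ics.uplb.edu.ph:/home/guest
"""

def sec_flavors(options):
    """Flavors named by sec= in an option string. No sec= is reported as "sys":
    exports default to it, and a client mount is then not pinned to Kerberos."""
    flavors = set()
    for opt in options.split(","):
        if opt.strip().startswith("sec="):
            flavors.update(opt.strip()[4:].split(":"))
    return flavors or {"sys"}

def audit_exports(text):
    """Return (line, path, client, non-Kerberos flavors) per weak client entry."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        for client in fields[1:]:
            host, _, rest = client.partition("(")
            weak = sec_flavors(rest.rstrip(")")) - KRB
            if weak:
                findings.append((n, fields[0], host or "(any)", sorted(weak)))
    return findings

def audit_automount(text):
    """Return (line, key, non-Kerberos flavors) per weak map entry."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        opts = fields[1][1:] if fields[1].startswith("-") else ""
        weak = sec_flavors(opts) - KRB
        if weak:
            findings.append((n, fields[0], sorted(weak)))
    return findings

if __name__ == "__main__":
    for f in audit_exports(SAMPLE_EXPORTS) + audit_automount(SAMPLE_AUTO_HOME):
        print("not Kerberos-only:", f)
```

To check a real machine, pass the contents of /etc/exports and /etc/auto.home to the two functions instead of the samples.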