I finally got LDAP running (ugh, what a headache), and this is how we add a new machine to the server.
Install the required packages. The installer will ask some configuration questions:
apt-get install libpam-ldap libnss-ldap nss-updatedb libnss-db nscd ldap-utils libcap2 libcap2-bin libpam-ck-connector
The server address is:
ldap://192.168.0.40
The search base (the authority) is:
dc=edwards,dc=sdsu,dc=edu
Use LDAP version 3, do not make root an admin (answer NO to this), and the server does not require login (answer NO again).
Then edit /etc/ldap.conf and check that the uri is ldap://192.168.0.40 and not ldapi:///192.168.0.40.
Then change these two lines. Change
bind_policy hard
to
bind_policy soft
and change
pam_password md5
to
pam_password crypt
Then edit /etc/ldap/ldap.conf and add the following lines:
URI ldap://192.168.0.40
SIZELIMIT 0
TIMELIMIT 0
DEREF never
group: files ldap
shadow: files ldap
session required pam_mkhomedir.so umask=0022 skel=/etc/skel
pam-auth-update
/etc/init.d/nscd restart
group… done.
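To confirm that the /etc/ldap.conf edits above took effect on a new machine, the following check is an added example and not part of the original walkthrough. The function names (conf_value, expect, check_ldap_conf) and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an /etc/ldap.conf-style
# file against the values set in this walkthrough. Function names are assumptions.

# Print the value of the last active (uncommented) "key value" line.
conf_value() {  # conf_value KEY FILE
    awk -v k="$1" 'tolower($1) == k { v = $2 } END { print v }' "$2"
}

# Report one key whose value differs from the expected one; return 1 on mismatch.
expect() {  # expect FILE KEY WANT
    got=$(conf_value "$2" "$1")
    [ "$got" = "$3" ] && return 0
    echo "$2: expected '$3', found '${got:-<unset>}'"
    return 1
}

# Print every mismatch and return the number of mismatches (0 = all good).
check_ldap_conf() {
    bad=0
    case $(conf_value uri "$1") in
        ldap://*) ;;   # ldapi:/// is a local socket, not the remote server
        *) echo "uri: expected ldap://<server>"; bad=$((bad + 1)) ;;
    esac
    expect "$1" ldap_version 3 || bad=$((bad + 1))
    expect "$1" bind_policy soft || bad=$((bad + 1))
    expect "$1" pam_password crypt || bad=$((bad + 1))
    return "$bad"
}

# Constructed sample input (not a real machine's file).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample: values as they look before the edits
base dc=edwards,dc=sdsu,dc=edu
uri ldapi:///192.168.0.40
ldap_version 3
bind_policy hard
pam_password md5
EOF
check_ldap_conf "$sample" || echo "$? setting(s) differ from the walkthrough"
rm -f "$sample"
```

On a real client, call `check_ldap_conf /etc/ldap.conf` after editing; a return status of 0 means all four settings match.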