The remainder of this document assumes you have an LDAP server which contains user account information such as home directory pathname and group membership.
Open the Authentication Configuration utility as shown in the sequence below:
(ƒ) » Applications » Administration » Authentication
Under the User Information tab, click the Enable LDAP Support checkbox. Click the button. Check the Use TLS to encrypt connections checkbox. Press the button. Enter the URL to the certificate in the Certificate URL textbox and click the button. For LDAP Search Base DN enter the search base. Enter the LDAP server in the LDAP Server textbox. Press the button to close the LDAP Settings dialog box and the Authentication Configuration dialog box.
You should now be able to test basic LDAP functionality by using the id -Gn netid command to list the groups to which a NetID belongs. For further tests, you can install the openldap-clients package from the Terminal as follows:
sudo yum -y install openldap-clients
Now you can confirm that the LDAP traffic is being encrypted with TLS if the following shell command is successful:
ldapsearch -x -ZZ -LLL "(uid=netid)"
You can also confirm encryption using a utility such as tcpdump to monitor the traffic as it flows through the network interface:
sudo /usr/sbin/tcpdump -X tcp port 389
You would run this command in one Terminal window and then capture packets while running the ldapsearch command in another window.
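What to look for in that capture, as an added example that is not part of the original document: with -ZZ the client first sends a StartTLS extended request (OID 1.3.6.1.4.1.1466.20037) in the clear, and everything after the server's reply should be TLS records rather than readable bind or search messages. The function names and byte strings below are constructed for illustration and are not taken from a real capture.

```python
# Added example: classify TCP payloads seen on port 389. All samples are constructed.
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation (RFC 4511)
CLEARTEXT_OPS = {0x60: "bindRequest", 0x63: "searchRequest", 0x64: "searchResultEntry"}
TLS_TYPES = {0x14: "change_cipher_spec", 0x15: "alert",
             0x16: "handshake", 0x17: "application_data"}

def ber_skip_length(buf, i):
    """Return the index just past the BER length field that starts at buf[i]."""
    return i + 1 if buf[i] < 0x80 else i + 1 + (buf[i] & 0x7F)

def classify(payload):
    """Label one TCP payload as a TLS record, an LDAP message, or unknown."""
    if len(payload) >= 3 and payload[0] in TLS_TYPES and payload[1] == 0x03:
        return "tls:" + TLS_TYPES[payload[0]]
    try:
        if payload[0] != 0x30:                 # LDAPMessage is a BER SEQUENCE
            return "unknown"
        i = ber_skip_length(payload, 1)
        if payload[i] != 0x02:                 # messageID INTEGER
            return "unknown"
        op = payload[i + 2 + payload[i + 1]]   # protocolOp tag follows messageID
    except IndexError:
        return "unknown"                       # truncated or continuation segment
    if op == 0x77 and STARTTLS_OID in payload:  # extendedRequest carrying StartTLS
        return "ldap:startTLS"
    if op in CLEARTEXT_OPS:
        return "ldap-cleartext:" + CLEARTEXT_OPS[op]
    return "ldap:other"

def session_is_encrypted(payloads):
    """True if StartTLS is followed by a TLS handshake and no bind/search is in the clear."""
    labels = [classify(p) for p in payloads]
    if "ldap:startTLS" not in labels:
        return False
    if any(label.startswith("ldap-cleartext:") for label in labels):
        return False
    return "tls:handshake" in labels[labels.index("ldap:startTLS") + 1:]

# Constructed payloads (abbreviated), in the order tcpdump would show them.
STARTTLS_REQ = b"\x30\x1d\x02\x01\x01\x77\x18\x80\x16" + STARTTLS_OID
STARTTLS_OK = b"\x30\x0c\x02\x01\x01\x78\x07\x0a\x01\x00\x04\x00\x04\x00"
TLS_HELLO = b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"
TLS_DATA = b"\x17\x03\x03\x00\x30" + bytes(48)
PLAIN_BIND = b"\x30\x0c\x02\x01\x01\x60\x07\x02\x01\x03\x04\x00\x80\x00"
PLAIN_SEARCH = b"\x30\x13\x02\x01\x02\x63\x0e\xa3\x0c\x04\x03uid\x04\x05netid"

if __name__ == "__main__":
    print(session_is_encrypted([STARTTLS_REQ, STARTTLS_OK, TLS_HELLO, TLS_DATA]))
    print(session_is_encrypted([PLAIN_BIND, PLAIN_SEARCH]))
```

In the tcpdump -X hex output, the same distinction is visible by eye: readable attribute names and the NetID in the ASCII column mean the query went out unencrypted.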
This will enable a user with a UW NetID and account information in LDAP to log into the workstation.
Unless you disable it, the login screen will show a list of all LDAP user accounts. If you do not want this list showing on the screen, then disable the list here:
(ƒ) » Computer » System Settings » Login Manager » Show List