~2012

Easier LDAP setup for Debian

IMHO the documentation on the Debian Wiki is a bit outdated. Here's my way of configuring LDAP client authentication on Debian (Wheezy).

Install pam-ldapd

apt-get install libpam-ldapd

And answer all the questions! I'm only setting up for 'group' and 'passwd'!

Add this line to /etc/security/group.conf

*;*;*;Al0000-2400;audio,floppy,adm,dialout,cdrom,plugdev,lpadmin,sudo

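This makes sure users are automatically members of those groups. The three * fields match any service, any terminal and any user, and Al0000-2400 means every day, all day, so the rule applies to every account that authenticates through a PAM stack using pam_group, and the list includes adm and sudo.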
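An added example (not part of the original post): a small shell check that reads pam_group rules in the services;ttys;users;times;groups format and reports rules whose users field is * and whose groups include a privileged group. The PRIV_GROUPS list, the function names and every sample rule except the one from the post are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit pam_group rules (services;ttys;users;times;groups).
# Reports every rule that gives a privileged group to the wildcard user "*".
# Backslash line continuations are not handled.

# Assumption: which groups count as privileged; adjust for your site.
PRIV_GROUPS="sudo adm"

# audit_group_conf [FILE]  (reads stdin when FILE is omitted)
audit_group_conf() {
    awk -F';' -v priv="$PRIV_GROUPS" '
        BEGIN { n = split(priv, p, " "); for (i = 1; i <= n; i++) isp[p[i]] = 1 }
        { sub(/#.*/, "") }                 # strip comments
        /^[ \t]*$/ { next }                # skip blank lines
        NF != 5 { printf "line %d: malformed, expected 5 fields\n", NR; next }
        {
            users = $3; gsub(/[ \t]/, "", users)
            if (users != "*") next         # rule is limited to named users
            m = split($5, g, /[ \t,]+/)    # groups: comma or space separated
            for (i = 1; i <= m; i++)
                if (g[i] in isp)
                    printf "line %d: every user gets %s (times %s)\n", NR, g[i], $4
        }
    ' "${1:--}"
}

# Constructed sample input: line 2 is the rule from the post, the others are made up.
sample_conf() {
    cat <<'EOF'
# sample /etc/security/group.conf
*;*;*;Al0000-2400;audio,floppy,adm,dialout,cdrom,plugdev,lpadmin,sudo
login;tty*;alice;Al0000-2400;sudo
*;*;*;Al0000-2400;audio,cdrom
EOF
}

sample_conf | audit_group_conf
```

To check a real system, call audit_group_conf /etc/security/group.conf.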

Add this to a new file, /usr/share/pam-configs/z25groups

Name: activate /etc/security/group.conf
Default: yes
Priority: 900
Auth-Type: Primary
Auth:
        required                        pam_group.so use_first_pass

Add this to a new file, /usr/share/pam-configs/mkhomedir

Name: activate mkhomedir
Default: yes
Priority: 900
Session-Type: Additional
Session:
        required                        pam_mkhomedir.so umask=0022 skel=/etc/skel

Activate the configurations

pam-auth-update --package

That does the trick for me.

Debugging

As I found out when I was not able to log in after a cold boot: make sure you stop nscd when you want to debug, as it caches everything. Switching it off makes sure you are talking to LDAP directly and not to some cached info!

/etc/init.d/nscd stop