This is meant to be a crash course in setting up openldap, and using a modifed version of ltsp to get its config from it. I should mention that while I've used all these seperately, and in different little sandboxes to test, I havent actually had a chance to put them all together and test it. Should be able to remedy that very shortly though. 1. Set up openldap In theory, any LDAP server will work, but we will go on the assumption that were using openldap. a. Install the packages Either grab the runs for your distro, or grab the source package from http://www.openldap.org. I'd suggest staying with the 1.2.x series for now. I'll assume your using Red Hat, but it should be similar with other distro's. Install the Openldap rpms. The ones shipped in 6.1 will be fine for this, though I'd recomended using the ones from 6.2beta if the server is going to get hit hard. You will need "openldap" and "openldap-devel" packages installed. b. Configure it your settings. edit /etc/openldap/slapd.conf You will need to change the suffix line to something approriate. I'll assume you will use "dc=mydomain,dc=com" which is pretty standard. You want to change the rootdn field to use the new suffix as well. Note that the value refered to as "suffix" is often refered to slightly inaccurately as "basedn". You will want to change the rootpw also. To include a crypted passwd out of /etc/passwd|shadow, use it in the form: rootpw: {CRYPT}df87sdfegs634 May want to move the "directory" value too, as the defaults may not be that wise ;-< You will also want to add the lines: include /etc/openldap/ltsp.at.conf include /etc/openldap/ltsp.oc.conf c. Include the extra local.oc.conf info The two lines above pull in a extra objectclass definations. These are definations for the various "schemas", or datatype definations, that slapd will know about. In our case, we have a couple of schemas for ltsp configurations information. These can be found in this directory as ltsp.oc.conf, and ltsp.at.conf. All the interesting bits are in ltsp.oc.conf. d. Start slapd /etc/rc.d/init.d/ldap start will start the ldap server (slapd, standalone ldap Asomething Psomething daemon...) If you get any errors, mroe than likely the config is wrong. It seems to give pretty helpful error messages. At this point, your server should be up and running. 2. Add your configuration data into the database At the moment, theres not actually any information in the ldap tree, so you will need to populate it. Since this is a new server, you will want to create a "top" node, and a ou for the LtspClients. The best way to understand this is to take a look at "ltsp_example.ldif". ldif is "LDAP interchange information format". It's format should be pretty straightforward. Well, at least, it looks simple. But the formatting is fairly strict, so beware. To add this set of info into the database, use the `ldapadd` command: ldapadd -c -D "cn=root,dc=mydomain,dc=com" -W < ltsp_example.ldif This should prompt you for the rootdn passwd you setup in the slapd.conf file. Hopefully, all the info will pop into your database. 3. Verifing/viewing the data To use the already installed tools, setup their config first. edit /etc/openldap/ldap.conf to point to the machine running the ldap server. Unless you specified otherwise, you dont need to specify a port. The BASEDN value should be the same as the "suffix" value in /etc/openldap/slapd.conf on the server. NOTE: There is also a /etc/ldap.conf possibly. This is not the configuration file for the server, or the commandline tools or library. This file is used by pam_ldap and nss_ldap to find the equilivent info. To view all entries in the database: ldapsearch "(objectclass=*)" This should return a list of all the entries. If not, you probabaly want to check the config of /etc/openldap/ldap.conf, make sure the server is running, and possible, run `ldapsearch -d ` to get more debugging info. If that seems to work, you have a working ldap server sharing configuration info for LTSP clients. A couple of other handy tools for browsing the ldap tree include: http://biot.com/gq/ http://www.iit.edu/~gawojar/ldap/ http://www.mountpoint.ch/oliver/kldap/ There are also a couple of web based viewers too. 4. Setting up the clients to use LDAP for configuration The current setup is implemented as a getltscfg, that gets the info from an ldap server, instead of from parsing the /etc/lts.conf file. To use it, really all you should need to edit is the begining of rc.local, so it knows which version of getltscfg to use in the get_cfg function. The ldap version should behave the same way as the standard one as far as I know. modifying rc.local to include lines like: #GETLTSCFG=/ltsbin/getltscfg GETLTSCFG=/ltsbin/getltscfg_ldap function get_cfg(){ # # Usage: get_cfg PARM [DEFAULT] # VALUE=`$GETLTSCFG $1` if [ "$#" -gt 1 -a -z "${VALUE}" ]; then echo $2 else echo ${VALUE} fi } Should be enough to do it. You will need to modify the install.sh script to include a few extra things, most notably, the getltscfg_ldap binary, and the libs (liblber, libldap) it links against. You may also want to include a /etc/lts.conf that points it to the proper servers (getltscfg_ldap will default to these values if you dont specify them on the command line).