Assumindo que seu servidor LDAP está configurado corretamente (e há uma tonelada de variáveis) ... este é um pequeno script que eu escrevi para executar em cada uma de nossas máquinas, para ativar a autenticação LDAP:
#!/bin/sh
#Redhats tool to configure LDAP auth (aka, 'setup' from command line)
#change order of two servers to change which one to check first (I pick closest one)
authconfig --enableldap --enableldapauth --enablemkhomedir --ldapserver=server1.local,server2.local --ldapbasedn="dc=whatever,dc=local" --update
#I use sudo in LDAP. (very handy tool, see the SUDO LDAP files on the web)
echo 'sudoers: files ldap' >> /etc/nsswitch.conf
echo 'base dc=whatever,dc=local
timelimit 120
bind_policy soft
bind_timelimit 120
idle_timelimit 3600
uri ldaps://server1.local/
uri ldaps://server2.local/
ssl yes
#without this line, will complain about our self signed certs
tls_checkpeer no
#because of security choices, have to send the password in the clear (but it goes over SSL, so no big deal). Then Ldap will hash it and compare.
#without this line, my people couldn't change passwords.
pam_password clear
sudoers_base ou=SUDOers,dc=whatever,dc=local
' > /etc/ldap.conf
#this lets us know which servers LDAP authentication is setup on...
echo '*************************************************' >> /etc/ssh/banner
echo '*Authorized users, please use your LDAP password*' >> /etc/ssh/banner
echo '*************************************************' >> /etc/ssh/banner
echo 'Banner /etc/ssh/banner' >> /etc/ssh/sshd_config
service sshd restart