visudo -> %Linux\ Users ALL=(ALL:ALL) ALL

sudo apt update
sudo apt install libnss-ldap libpam-ldap ldap-utils nscd
dc=ldap,dc=server,dc=home
# /etc/nslcd.conf
# nslcd configuration file. See nslcd.conf(5)
# for details.

# The user and group nslcd should run as.
uid nslcd
gid nslcd

# The location at which the LDAP server(s) should be reachable.
uri ldap://server.ldap.home

# The search base that will be used for all queries.
base dc=ldap,dc=server,dc=home
binddn cn=readonly,dc=ldap,dc=server,dc=home
bindpw qaz55qwe
# The LDAP protocol version to use.
ldap_version 3
#sudoers_base cn=sudoers,ou=Linux Users,dc=ldap,dc=server,dc=home
#sudoers_debug 0
# The DN to bind with for normal lookups.
#binddn cn=annonymous,dc=example,dc=net
#bindpw secret

# The DN used for password modifications by root.
#rootpwmoddn cn=admin,dc=example,dc=com

# SSL options
#ssl off
#tls_reqcert never
tls_cacertfile /etc/ssl/certs/ca-certificates.crt

# The search scope.
#scope sub



#/etc/nsswitch.conf
passwd:         files ldap
group:          files ldap
shadow:         files ldap


#/etc/pam.d/common-auth
auth    [success=1 default=ignore]      pam_unix.so nullok_secure
auth    requisite                       pam_deny.so
auth    required                        pam_permit.so
auth    optional                        pam_ldap.so

#/etc/pam.d/common-account
account [success=1 new_authtok_reqd=done default=ignore]        pam_unix.so
account required                                                pam_ldap.so

#/etc/pam.d/common-session
session required        pam_unix.so
session optional        pam_ldap.so
session required        pam_mkhomedir.so skel=/etc/skel/ umask=077

commands:
sudo systemctl restart nslcd
getent passwd