10-27-2008
Authenticating users to ADS
It is possible to authenticate AIX-users to the Windows 2003 Active Directory.
But is it also possible to do full useradministration in the ADS without also adding users to the local AIX-server?
I have the following working:
1. Add user to the ADS
2. Add user to AIX with 'mkuser registry=KRB5Afiles SYSTEM=KRB5Afiles <username>'
3. Now the password for <username> is being checked against the ADS
But I want the full useradministration in the ADS (username, password, primary group, other groups, which shell to start) without adding the user to the local AIX server. Is that possible?
9 More Discussions You Might Find Interesting
1. HP-UX
Hey,
I've asked questions about this project here before and gotten lots of help so I figured I'd give it another try.
I've recently set up my HP-UX environment to authenticate to a Windows Active Directory server (Windows Server 2003 R2).
I setup an account on Active Directory which works... (2 Replies)
Discussion started by: Rike255
2 Replies
2. Red Hat
Hi all,
I'm having some problems with joining an active directory domain as a member. My Linux servers using the same configuration across the board are all joining as domain controllers, which is bad.
I am running Samba 3.0.25b-0.4E.6 on all of my RHEL servers.
Here is my global... (1 Reply)
Discussion started by: Bert
1 Replies
3. Solaris
Hi all. A while back i began looking a using Sun One JDS for our S10 environment which subsequently fell by the wayside as other more pressing things cropped up :-)
Now its ugly head has popped up again but with the prerequisite that we authenticate against AD.
So, i have a few questions.
... (6 Replies)
Discussion started by: boneyard
6 Replies
4. Web Development
I installed a wordpress theme and came across the following code contained in the functions.php (theme functions) file. I am wanting to make sure this code is not over-riding my adsense publisher id and replacing with theirs in the background. I had this happen on another theme and just wanting... (1 Reply)
Discussion started by: blueray1974
1 Replies
5. Shell Programming and Scripting
Hi,
Can any one please tell me the way to Authenticate success or failure of the login.
Here is my req:
I have to telnet to multiple unix servers and execute the a script there which will give me an integer output. This output should be directed to a txt file.
i dont want to provide... (1 Reply)
Discussion started by: csekhar05
1 Replies
6. Solaris
I've tried everything from changing permissions on the public and private keys to creating new keys and I still cannot authenticate my private key to another machines public key. Here is the ssh -vvv output:
ssh -vvv -i id_dsa account@x.x.45.137
OpenSSH_5.5p1, OpenSSL 1.0.0a 1 Jun 2010... (8 Replies)
Discussion started by: jastanle84
8 Replies
7. AIX
I have AD (active directory) user, "asdf", created and a matching local AIX user name. Using "kinit", I can successfully authenticate it against the MS AD but when they I try to login via SSH with the same user name, it doesn't work. How can I get AIX to allow kerberos authentication as a valid... (1 Reply)
Discussion started by: kah00na
1 Replies
8. Red Hat
hi ,
Im configuring web site with authencation to a folder but the authentication is not happening.
below is the conf file of /etc/httpd/conf/httpd.conf
<VirtualHost 192.168.1.4:80>
DocumentRoot /var/www/html/
ServerName redhatclient.example.com
<directory... (0 Replies)
Discussion started by: redhatlbug
0 Replies
9. UNIX for Advanced & Expert Users
I'm authenticating with SSSD / Kerberos against Windows Server 2012 R2. I've setup credentails delegation using these options:
Host *
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
GSSAPITrustDns yes
For both client/server but no luck. I've read online that I need to run... (2 Replies)
Discussion started by: Devyn
2 Replies
LEARN ABOUT CENTOS
sss_groupdel
SSS_GROUPDEL(8) SSSD Manual pages SSS_GROUPDEL(8)
NAME
sss_groupdel - delete a group
SYNOPSIS
sss_groupdel [options] GROUP
DESCRIPTION
sss_groupdel deletes a group identified by its name GROUP from the system.
OPTIONS
-?,--help
Display help message and exit.
THE LOCAL DOMAIN
In order to function correctly, a domain with "id_provider=local" must be created and the SSSD must be running.
The administrator might want to use the SSSD local users instead of traditional UNIX users in cases where the group nesting (see
sss_groupadd(8)) is needed. The local users are also useful for testing and development of the SSSD without having to deploy a full remote
server. The sss_user* and sss_group* tools use a local LDB storage to store users and groups.
SEE ALSO
sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8),
sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8),
sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),pam_sss(8).
AUTHORS
The SSSD upstream - http://fedorahosted.org/sssd
SSSD
06/17/2014 SSS_GROUPDEL(8)