Is everything set for those users like loginshell, home directory etc?
Yes, we have this set in LDAP for the users, and they will be using their existing home directories. When we su over to the LDAP user it shows them as being in their home directory.
Quote:
Do those users have in /etc/security/user entries like
?
I don't know if the chuser adds the double quotes needed at the SYSTEM= variable. Iirc they are important.
Yes, once I switch the user via the chuser command those entries are made, including the double quotes.
Quote:
I have set our server with the two variables up there in the default: stanza of the /etc/security/user so that only those accounts that should remain locally have something like
Correct, ours is setup this way as well.
Quote:
Also when changing local users to be LDAP users, you have to clear the following files of them:
What do you mean by clear? Shouldn't AIX be able to maintain both accounts in the event LDAP fails? The idea is that their local accounts would be a backup means of authentication, so for example we may want to go with something like:
Quote:
And if uid and gid changes chown them accordingly in the filesystem.Also remember to not mix local users and groups with ldap users and groups. SMIT will get problems else.
This will be something we will have to address once we get the users authenticated, we aren't sure how the ownership and permissions will translate.
Hello Everyone,
I have enabled LDAP authentication on my Web script by adding the list of valid users in /etc/apach2/default-server.conf. However, I now want to retrieve the username of the person that logs in. How can I do that? Is there any such module?
Regards,
Harsha (0 Replies)
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
I see a lot of thread on LDAP Authentication but I want to enable LDAP Authentication with Authorization. Meaning, removing the user ID's and groups from the local servers and move them to an LDAP server. When a user logs in (via LDAP) they will be given their group memberships and access to the... (3 Replies)
Hi folks,
i have opends 1.2 manually installed
subversion 1.4.3 and apache2 updated by package manager.
i want to access svn using LDAP authentication
its giving an error:
ldap_simple_bind_s() failed.
what could be the problem.
i wrote some text at the end of httpd.conf fpr ldap... (2 Replies)
Dear Friends,
I have recently installed iplanet directory server on my Solaris 10 machine.I was able to successfully install and configure ldap on my system.Furthermore, was also able to add
user entries to the LDAP database server.But now I am finding it difficult to authenticate LDAP users... (1 Reply)
hi all,
i have configured Apache with WEBDAV & my aim is sharing outlook calendars because we don't use M$ ExChange.
From outlook i did a simple test & am able to share a calendar.
I want to create share for each user & then authenticate against LDAP before they can publish their... (0 Replies)
Hi, We are trying to use LDAP to authenticate the login from our application. Our application is installed on AIX 6.1 and LDAP server is on active directory windows 2003.
We are getting the below error when we try to login. We have the required lib file in the path it is looking for. Any idea... (3 Replies)
Hi,
I am trying to authenticate AIX server against a IDS LDAP instance.
The AIX version is 6.1 and TDS client is 6.1.
I configured the secldapclntd using ldap.cfg file and changed /etc/security/user to set SYSTEM=LDAP, registry=LDAP for one user. Below are the ldap.cfg configurations -
... (5 Replies)
Hi Friends,
I have below scenarios .
dom1.test.com - LDAP
dom2.test.com - AD
Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with
dom1\username -> get authenticated by LDAP host
... (2 Replies)
Discussion started by: Shirishlnx
2 Replies
LEARN ABOUT MOJAVE
net::ldap::extra::edirectory
Net::LDAP::Extra::eDirectory(3) User Contributed Perl Documentation Net::LDAP::Extra::eDirectory(3)NAME
Net::LDAP::Extra::eDirectory -- extensions for Novell eDirectory
SYNOPSIS
use Net::LDAP::Extra qw(eDirectory);
$ldap = Net::LDAP->new( ... );
...
if ($ldap->is_eDirectory)
my $mesg $ldap->list_replicas($server_dn);
print "Replicas on $server_dn
* " . join("
* ", $mesg->replicas) . "
"
if (!$mesg->code);
}
DESCRIPTION
Net::LDAP::Extra::eDirectory provides functions / LDAP extensions specific to Novell eDirectory.
To do so, it provides the following methods:
METHODS
is_eDirectory ( )
Tell if the LDAP server queried is Novell eDirectory server.
As the check is done by querying the root DSE of the directory, it works without being bound to the directory.
In contrast to other Net::LDAP methods this method returns TRUE / FALSE respectively undef on error.
list_replicas ( SERVER_DN, OPTIONS )
Query the replicas on the given server SERVER_DN.
On success, the resulting Net::LDAP::Message object supports the method "replicas" that returns the list of replicas on SERVER_DN.
get_replica_info ( SERVER_DN, REPLICA_DN, OPTIONS )
Query information of REPLICA_DN on SERVER_DN.
On success, the resulting Net::LDAP::Message object supports the method "replica_info" that returns a hash containing information on
REPLICA_DN.
trigger_backlinker ( OPTIONS )
Trigger the BackLinker process, which resolves external references to ensure they refer to real entries.
trigger_janitor ( OPTIONS )
Trigger the Janitor process, which checks connectivity to all servers in database.
trigger_limber ( OPTIONS )
Trigger the Limber process, which verifies the server name, internal ipx address and tree connectivity of all replicas.
trigger_skulker ( OPTIONS )
Trigger the Skulker process, which checks the synchronization status of every server in the replica ring.
trigger_schemasync ( OPTIONS )
Trigger SchemaSync.
trigger_partitionpurge ( OPTIONS )
Trigger PartitionPurge.
refresh_ldap_server ( OPTIONS )
Trigger refreshing the NLDAP service.
AUTHOR
Peter Marschall <peter@adpm.de>
COPYRIGHT
Copyright (c) 2013 Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the
same terms as Perl itself.
perl v5.18.2 2013-07-21 Net::LDAP::Extra::eDirectory(3)