Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: LDAP user authentication issue
Operating Systems AIX LDAP user authentication issue Post 302370454 by j_aix on Wednesday 11th of November 2009 12:34:52 PM
Old 11-11-2009
I was able to get the issue resolved after opening a PMR with IBM.

What's not documented in the Redbook is that in order to login via SSH, both local and LDAP UID's/GID's must match exactly. SSH will check both local and LDAP user attributes if they exist in both places, regardless of registry. So after I changed the local UID and GID for the user to match LDAP I could login, this is very inconvenient as I also had to find all the orphaned files and reassign them via:
Code:
find / -user ### -exec chown <username>:<groupname> {} \;

Thanks for the help!
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Module for LDAP Authentication

Hello Everyone, I have enabled LDAP authentication on my Web script by adding the list of valid users in /etc/apach2/default-server.conf. However, I now want to retrieve the username of the person that logs in. How can I do that? Is there any such module? Regards, Harsha (0 Replies)
Discussion started by: garric
0 Replies

2. Linux

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

3. Cybersecurity

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

4. UNIX for Advanced & Expert Users

LDAP Authentication AND Authorization

I see a lot of thread on LDAP Authentication but I want to enable LDAP Authentication with Authorization. Meaning, removing the user ID's and groups from the local servers and move them to an LDAP server. When a user logs in (via LDAP) they will be given their group memberships and access to the... (3 Replies)
Discussion started by: scottsl
3 Replies

5. Solaris

LDAP authentication

Hi folks, i have opends 1.2 manually installed subversion 1.4.3 and apache2 updated by package manager. i want to access svn using LDAP authentication its giving an error: ldap_simple_bind_s() failed. what could be the problem. i wrote some text at the end of httpd.conf fpr ldap... (2 Replies)
Discussion started by: visu_buri
2 Replies

6. Solaris

Iplanet LDAP User Authentication on Solaris

Dear Friends, I have recently installed iplanet directory server on my Solaris 10 machine.I was able to successfully install and configure ldap on my system.Furthermore, was also able to add user entries to the LDAP database server.But now I am finding it difficult to authenticate LDAP users... (1 Reply)
Discussion started by: raunaqnilekani
1 Replies

7. Debian

webdav share per user ldap authentication

hi all, i have configured Apache with WEBDAV & my aim is sharing outlook calendars because we don't use M$ ExChange. From outlook i did a simple test & am able to share a calendar. I want to create share for each user & then authenticate against LDAP before they can publish their... (0 Replies)
Discussion started by: coolatt
0 Replies

8. AIX

LDAP authentication

Hi, We are trying to use LDAP to authenticate the login from our application. Our application is installed on AIX 6.1 and LDAP server is on active directory windows 2003. We are getting the below error when we try to login. We have the required lib file in the path it is looking for. Any idea... (3 Replies)
Discussion started by: Nand1010_MA
3 Replies

9. AIX

LDAP authentication client issue

Hi, I am trying to authenticate AIX server against a IDS LDAP instance. The AIX version is 6.1 and TDS client is 6.1. I configured the secldapclntd using ldap.cfg file and changed /etc/security/user to set SYSTEM=LDAP, registry=LDAP for one user. Below are the ldap.cfg configurations - ... (5 Replies)
Discussion started by: vs1
5 Replies

10. Emergency UNIX and Linux Support

LDAP and AD Authentication Query

Hi Friends, I have below scenarios . dom1.test.com - LDAP dom2.test.com - AD Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with dom1\username -> get authenticated by LDAP host ... (2 Replies)
Discussion started by: Shirishlnx
2 Replies

LEARN ABOUT SUSE

setresgid32

SETRESUID(2)						     Linux Programmer's Manual						      SETRESUID(2)

NAME

       setresuid, setresgid - set real, effective and saved user or group ID

SYNOPSIS

       #define _GNU_SOURCE
       #include <unistd.h>

       int setresuid(uid_t ruid, uid_t euid, uid_t suid);
       int setresgid(gid_t rgid, gid_t egid, gid_t sgid);

DESCRIPTION

       setresuid() sets the real user ID, the effective user ID, and the saved set-user-ID of the calling process.

       Unprivileged  user  processes may change the real UID, effective UID, and saved set-user-ID, each to one of: the current real UID, the cur-
       rent effective UID or the current saved set-user-ID.

       Privileged processes (on Linux, those having the CAP_SETUID capability) may set the real UID, effective UID, and saved set-user-ID to arbi-
       trary values.

       If one of the arguments equals -1, the corresponding value is not changed.

       Regardless  of  what  changes are made to the real UID, effective UID, and saved set-user-ID, the file system UID is always set to the same
       value as the (possibly new) effective UID.

       Completely analogously, setresgid() sets the real GID, effective GID, and saved set-group-ID of the calling process  (and  always  modifies
       the file system GID to be the same as the effective GID), with the same restrictions for unprivileged processes.

RETURN VALUE

       On success, zero is returned.  On error, -1 is returned, and errno is set appropriately.

ERRORS

       EAGAIN uid does not match the current UID and this call would bring that user ID over its RLIMIT_NPROC resource limit.

       EPERM  The  calling  process  is not privileged (did not have the CAP_SETUID capability) and tried to change the IDs to values that are not
	      permitted.

VERSIONS

       These calls are available under Linux since Linux 2.1.44.

CONFORMING TO

       These calls are nonstandard; they also appear on HP-UX and some of the BSDs.

NOTES

       Under HP-UX and FreeBSD the prototype is found in <unistd.h>.  Under Linux the prototype is provided by glibc since version 2.3.2.

SEE ALSO

       getresuid(2), getuid(2), setfsgid(2), setfsuid(2), setreuid(2), setuid(2), capabilities(7), credentials(7), feature_test_macros(7)

COLOPHON

       This page is part of release 3.25 of the Linux man-pages project.  A description of the project, and information about reporting bugs,  can
       be found at http://www.kernel.org/doc/man-pages/.

Linux								    2007-07-26							      SETRESUID(2)
All times are GMT -4. The time now is 09:29 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy