Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: LDAP users with RBAC Roles
Operating Systems Solaris LDAP users with RBAC Roles Post 302389562 by jlliagre on Monday 25th of January 2010 08:43:56 AM
Old 01-25-2010
Quote:
Originally Posted by solaris_user
Like JAVA and OpenSolaris , RBAC is one of three things that are not good for usage
??
Quote:
RBAC works only with Solaris , it is better to use read write permissions on group of users on some directory
Permissions are unlikely to replace the Solaris "Primary Administrator" role features.

mduweik: It is perfectly possible to have roles managed by an external LDAP directory. Before trying to use Active Directory, you probably might try first following the supported path, i.e. using Sun Directory Server as a back-end and initializing it with the Solaris supplied script idsconfig. Alternatively, you might also use OpenDS which already has support for the Solaris RBAC related schemas, eg: SolarisUserAttr.
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Equivalent of ADMCHG for LDAP Users

All newly created Aix5 users are forced to change password first time when they log in. We know removing the ADMCHG flag in passwd file will not prompt the user for change password. But we are trying to figure out the similar solution if the user is created as a LDAP user ?. Any help? Thanks... (0 Replies)
Discussion started by: vipas
0 Replies

2. UNIX for Advanced & Expert Users

link LDAP-Users

hi, is it possible to link users on a LDAP-Server from one container to another? we have two trees, one for AIX and one for solaris-linux but we have a few users in both trees, they should have the same password and a password change must affect both entries we use IBM Directory Server... (3 Replies)
Discussion started by: funksen
3 Replies

3. Linux

Monitor ldap users

Any way to find the ldap users currently logged into the clinets ? I am using Openldap with NFS for home directory mounts. (0 Replies)
Discussion started by: nitin09
0 Replies

4. AIX

Customize Roles - HMC

Hi All, i would like to know if it's possible to create a new custom role on HMC to manage only one LPAR and few activity on it (START,STOP,CONSOLE). It's possible create this custom role? If yes where i can read something about? Thanks in advance. Bye. Zio (1 Reply)
Discussion started by: Zio Bill
1 Replies

5. Linux

Help me with all users ldap

Need to find the ldap id's of all the users in my organizations... is there any command??? (0 Replies)
Discussion started by: Syed Imran
0 Replies

6. AIX

RBAC and LDAP users (AD)

Hello everyone, I am having trouble with something, and I can't find the right answer online. On our company, we are using LDAP Authentication with Active Directory (Windows 2008 Servers) to have a centralized management of AIX 7.1 users. So far so good, but now, we want to implement RBAC on... (7 Replies)
Discussion started by: Janpol
7 Replies

7. UNIX and Linux Applications

Oracle Database - How to check if user roles and system roles are separated?

I have these two table. How do I see if user roles and system roles are seperated? SQL> desc DBA_ROLES; Name Null? Type ----------------------------------------- -------- ---------------------------- ROLE NOT NULL... (1 Reply)
Discussion started by: alvinoo
1 Replies

8. Solaris

LDAP Client not connecting to LDAP server

I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful. The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies

9. Solaris

How do you assign multiple roles in RBAC?

Oracle Solaris 10 9/10 s10s_u9wos_14a SPARC Hi, just starting with RBAC. I have managed to create a test user with assigned roles: Basic Actions Basic Solaris UserI also didroleadd -d /export/home/userrole -m userrolebut when I didrolemod -P "Basic Actions" userrole rolemod -P "Basic... (1 Reply)
Discussion started by: rino19ny
1 Replies

LEARN ABOUT XFREE86

idsconfig

idsconfig(1M)						  System Administration Commands					     idsconfig(1M)

NAME

       idsconfig - prepare an iPlanet Directory Server (iDS) to be populated with data and serve LDAP clients

SYNOPSIS

	/usr/lib/ldap/idsconfig [-v] [-i input_configfile] [-o output_configfile]

DESCRIPTION

       Use  the idsconfig tool to set up an iPlanet Directory Server (iDS). You can specify the input configuration file with the -i option on the
       command line. Alternatively, the tool will prompt the user for configuration information. The  input  configuration   file  is  created	by
       idsconfig with the -o option on a previous run.

       The first time a server is set up, the user is prompted for all the required information.  Future installations on that machine can use the
       configuration file previously generated by idsconfig using the -o option.

       The output configuration file contains the directory administrator's password in clear text. Thus, if you are creating an output configura-
       tion file, take appropriate security precautions.

       You should back up the directory server's configuration and data prior to running this command.

OPTIONS

       The following options are supported:

       -i input_configfile     Specify	the  file name for idsconfig to use as a configuration file.  This file will be read by idsconfig, and the
			       values  in the file will be used to configure the server.  Do not manually edit input_configfile. The input_config-
			       file  is  only  partially validated, as idsconfig assumes that the file was created by a previous invocation of the
			       command.

       -o output_configfile    Create a configuration file.

       -v		       Verbose output.

OPERANDS

       The following operands are supported:

       input_configfile        Name of configuration file for idsconfig to use.

       output_configfile       Configuration file created by idsconfig.

EXAMPLES

       Example 1: Prompting the User for Input

       In the following example, the user is prompted for information to set up iDS.

       example# idsconfig

       Example 2: Creating an Output Configuration File

       In the following example, the user is prompted for information to set up iDS, and an output configuration file, config.1, is  created  when
       completed.

       example# idsconfig -o config.1

       Example 3: Setting up iDS Using the Specified Configuration File

       In  the	following example, iDS is set up by using the values specified in the configuration file, config.1. The verbose mode is specified,
       so detailed information will print to the screen.

       example# idsconfig -v -i config.1

EXIT STATUS

       The following exit values are returned:

       0	Successful completion.

       >0	An error occurred.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWnisu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ldap(1), ldapadd(1), ldapdelete(1), ldaplist(1), ldapmodify(1),	ldapmodrdn(1),	ldapsearch(1),	ldap_cachemgr(1M),  ldapaddent(1M),  ldap-
       client(1M), suninstall(1M), resolv.conf(4), attributes(5)

SunOS 5.10							    18 Oct 2001 						     idsconfig(1M)
All times are GMT -4. The time now is 07:06 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy