Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Need help in setting access to unix server
Top Forums UNIX for Dummies Questions & Answers Need help in setting access to unix server Post 302421293 by zaxxon on Friday 14th of May 2010 03:52:26 AM
Old 05-14-2010
There are accounts/users needed to access the AIX servers by ssh sessions. There is no way around. If they don't want temp users in LDAP, they need local users. There is only those two ways.

If they decide to use LDAP users for access, they have to use the following bold marked attribute in their LDAP:
Code:
hostsallowedlogin      SEC_LIST        hostsallowedlogin       m

If they use another name for this attribute in their MetaDirectory, it has to be changed accordingly in /etc/security/ldap/2307user.map or whatever map file for users is being pointed at in ldap.cfg at
Code:
userattrmappath:/etc/security/ldap/2307user.map

As you can see this attribute is a multi value attribute (m). They have to add in that attribute all the hostnames (the actual names you get on the AIX hosts when you type in the command hostname) that should be allowed to login to. It is a simple filter that works well. The AIX hosts have need a LDAP client up and running, connected to their MetaDirectory (LDAP-server) of course. The config etc. is for AIX LDAP, not openLDAP.

If they have chosen to leave LDAP out at all - they simply need a local account on the boxes that are being used.

For the network thingy, keep all servers behind the firewall for sure and set up a rule that ssh protocl connections from a specific host for a specific host after successful authentication of course is allowed. If the authentication thing at firewall level is a problem, you have at least the authentication against the AIX hosts.
 

10 More Discussions You Might Find Interesting

1. Solaris

setting up unix and 2000 server on network

i have a question i want to setup a unix server and 2000 server with an xp client i want to run bind can i still setup a primary dns on the 2000 box or can u use secondary dns on 2000 also i want to setup an exchange server on the 2000 server for email between the windows machines? basically i... (2 Replies)
Discussion started by: rmuhammad
2 Replies

2. UNIX for Dummies Questions & Answers

Ways to Access Files on Unix Server via Web

Hi all! I'm a web developer with a question. We have a contractor that is working on a project that requires the user to access a ton of files on the clients Unix server. He has plans to built a VB interface for on site windows users to access those files and wants us to develop a web based... (4 Replies)
Discussion started by: Imhotep1963
4 Replies

3. UNIX for Advanced & Expert Users

terminal setting in unix server

hi all, i have connected a new dump terminal to unix server.the connection is not direct.it is through a board. that is a board which contain lot of ports is connected to server. the terminals are connected to the board.when i connected the terminal to the server the message in terminal is like... (0 Replies)
Discussion started by: sujesh
0 Replies

4. Filesystems, Disks and Memory

Unix Sco Open Server, Windows Computers Problem Access Unix Shared Files Help!!!!!

Hello Moto I hope someone can help We's here at work, have a unix box with sco openserver 5 on it, so it has a nice gui interface.. and also a fair few windows computers.. a system admin guy b4 me, has set up a user called neil, which can, when u try to access the unix box using windows... (2 Replies)
Discussion started by: haggo
2 Replies

5. UNIX for Advanced & Expert Users

accessing ms access from unix server...

Hello, I have a databse stored in my Unix server. I can't change the database because is used by a third party software. How Can I make some queries to this database (I want to extend the information for all the users using Apache + php on the unix server.) I looked at unixODBC but I... (0 Replies)
Discussion started by: ncatdesigner
0 Replies

6. IP Networking

Access Unix server over the Internet

:(:confused: i am going to ask a silly question. is it possible to setup a unix server at home. once i have setup successfully, can i provide access to that server via internet. i do not have any commercial intent, behind this. (3 Replies)
Discussion started by: sudhiroracle
3 Replies

7. Shell Programming and Scripting

To access UNIX server from Tk application running on Windows

Hi, I am new to this forum and this is my first post. I want to know that if I make an application in Tk (version of Tcl to create GUI) in windows and want to run to UNIX server, is it possible ? In other words, can I access a UNIX server through a Tk application running on windows ? ... (1 Reply)
Discussion started by: ratneshnagori
1 Replies

8. UNIX for Dummies Questions & Answers

Access of Microsoft Team Foundation Server (TFS) repository from Unix Server

Hello, Some of our application team uses Microsoft Team Foundation server (TFS) reposity tool for their .NET projects , I would like to access it form Unix/Linux machine. Please let me know how can access the TFS from unix. Thanks (0 Replies)
Discussion started by: posix
0 Replies

9. UNIX for Dummies Questions & Answers

Access UNIX server based on windows

I want to look up log files on the unix server. My machine is windows 7 pro. I can view them from windows explorer but it is slow because huge amount logs files there. Is there a way or tools to quickly access it? Thanks. (7 Replies)
Discussion started by: zhshqzyc
7 Replies

10. Shell Programming and Scripting

Do I require remote login access to a windows server to transfer files from a UNIX server

Hi All I need to transfer a file from a UNIX server to a windows server. I saw that it is possible to do this using scp command by looking at the forum listed below: ... (2 Replies)
Discussion started by: vx04
2 Replies

LEARN ABOUT MOJAVE

net::ldap::control::syncdone

Net::LDAP::Control::SyncDone(3) 			User Contributed Perl Documentation			   Net::LDAP::Control::SyncDone(3)

NAME

       Net::LDAP::Control::SyncDone - LDAPv3 Sync Done control object

SYNOPSIS

       See Net::LDAP::Control::SyncRequest

DESCRIPTION

       "Net::LDAP::Control::SyncDone" provides an interface for the creation and manipulation of objects that represent the "Sync Request Control"
       as described by RFC 4533.

CONSTRUCTOR ARGUMENTS

       In addition to the constructor arguments described in Net::LDAP::Control the following are provided.

       cookie
       refreshDeletes

METHODS

       As with Net::LDAP::Control each constructor argument described above is also available as a method on the object which will return the
       current value for the attribute if called without an argument, and set a new value for the attribute if called with an argument.

SEE ALSO

       Net::LDAP, Net::LDAP::Control, Net::LDAP::Control::SyncRequest, Net::LDAP::Control::SyncState, http://www.ietf.org/rfc/rfc4533.txt

AUTHOR

       Mathieu Parent <math.parent@gmail.com>

       Please report any bugs, or post any suggestions, to the perl-ldap mailing list <perl-ldap@perl.org>

COPYRIGHT

       Copyright (c) 2008 Mathieu Parent. All rights reserved. This program is free software; you can redistribute it and/or modify it under the
       same terms as Perl itself.

perl v5.18.2							    2013-07-21					   Net::LDAP::Control::SyncDone(3)
All times are GMT -4. The time now is 11:27 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy