Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Authenticate AIX users from MS Active Directory
Operating Systems AIX Authenticate AIX users from MS Active Directory Post 302479923 by kah00na on Monday 13th of December 2010 09:32:38 AM
Old 12-13-2010
These steps use Kerberos for only setup password authentication. This is not an LDAP connection, therefore, none of the user attributes are pulled from it. This solution is good for those that only want password centralization. If you want to use LDAP authentication, then the UIDs and GIDs have to match across systems, you have to involve the Windows administrators to get the AD server configured for your users, and various other tasks have to be performed. This method allows you, as the AIX admin, to be able to have your users authenticate their password from the AD with minimal effort and gets you out of the "I can't remember my password" game. Also, since you are only installing software and adding a second authentication method, there is no down time and you an switch users back and forth between local and AD authentication with only one command.
These 2 Users Gave Thanks to kah00na For This Post:
frank_rizzo System Admin 77
 

6 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Compiling Samba from Source on AIX, Active Directory, LDAP, Kerberos

Hello, I asked this question in the AIX subforum but never received an answer, probably because the AIX forum is not that heavily trafficked. Anyway, here it is.. I have never had any issues like this when compiling applications from source. When I try to compile samba-3.5.0pre2, configure runs... (9 Replies)
Discussion started by: raidzero
9 Replies

2. UNIX for Dummies Questions & Answers

control permissions for Active Directory users on AIX

Hello, I've configured an user authentication against Active Directory (Windows Server 2008 R2) on AIX V6 with LDAP. It works fine. And here's my problem: How can I control ldap user permissions on the local AIX machine? E.g. an AD user should be able to write all files of local sys... (1 Reply)
Discussion started by: xia777
1 Replies

3. Proxy Server

Solaris 11.1 login authenticate with windows active directory

Hi, is that possible to login to solaris 11.1 authenticate with windows active directory? the user id is created in the windows active directory. Environment: Solaris 11.1 Windows 2012 Active Directory (3 Replies)
Discussion started by: freshmeat
3 Replies

4. UNIX for Advanced & Expert Users

Windows AD users authenticate to Linux

Hello folks, Please advise me what is the best way to authenticate Windows AD users against Linux machines. Currently I am going to take a look of Vintela Authentication Services and please let me know if you have experience with VIntela. Thanks in advance (1 Reply)
Discussion started by: Vit0_Corleone
1 Replies

5. AIX

AIX 7.1 - Samba 4 File Shares and Integration with Active Directory Issues

Hi. Ive recently upgraded Samba on an AIX server to Samba 4. The aim is to allow a specific group of Windows AD users to access some AIX file shares (with no requirement to enter passwords) - using AD to authenticate. Currently I have: Samba 4 installed ( and 3 daemons running) Installed... (1 Reply)
Discussion started by: linuxsnake
1 Replies

6. AIX

Samba 3.6 on AIX 7.1 - Windows 10 Access to AIX file shares using Active Directory authentication

I am running AIX 7.1 and currently we have samba 3.6.25 installed on the server. As it stands some AIX folders are shared that can be accessed by certain Windows users. The problem is that since Windows 10 the guest feature no longer works so users have to manually type in their Windows login/pwd... (14 Replies)
Discussion started by: linuxsnake
14 Replies

LEARN ABOUT OSX

net::ldap::extra::ad

Net::LDAP::Extra::AD(3) 				User Contributed Perl Documentation				   Net::LDAP::Extra::AD(3)

NAME

       Net::LDAP::Extra:AD -- AD convenience methods

SYNOPSIS

	 use Net::LDAP::Extra qw(AD);

	 $ldap = Net::LDAP->new( ... );

	 ...

	 if ($ldap->is_AD || $ldap->is_ADAM) {
	   $ldap->change_ADpassword($dn, $old_password, $new_password);
	 }

DESCRIPTION

       Net::LDAP::Extra::AD tries to spare users the necessity to reinvent the wheel again and again in order to correctly encode password strings
       so that they can be used in AD password change operations.

       To do so, it provides the following methods:

METHODS

       is_AD ( )
	   Tell if the LDAP server queried is an Active Directory Domain Controller.

	   As the check is done by querying the root DSE of the directory, it works without being bound to the directory.

       is_ADAM ( )
	   Tell if the LDAP server queried is running AD LDS (Active Directory Lightweight Directory Services), previously known as ADAM (Active
	   Directoy Application Mode).

	   As the check is done by querying the root DSE of the directory, it works without being bound to the directory.

       change_ADpassword ( DN, OLD_PASSWORD, NEW_PASSWORD )
	   Change the password of the account given by DN from its old value OLD_PASSWORD to the new value NEW_PASSWORD.

	   This method requires encrypted connections.

       reset_ADpassword ( DN, NEW_PASSWORD, OPTIONS )
	   Reset the password of the account given by DN to the value given in NEW_PASSWORD.  OPTIONS is a list of key/value pairs. The following
	   keys are recognized:

	   force_change
	       If TRUE, the affected user is required to change the password at next login.

	   For this method to work, the caller needs to be bound to AD with sufficient permissions, and the connection needs to be encrypted.

AUTHOR

       Peter Marschall <peter@adpm.de<gt>

COPYRIGHT

       Copyright (c) 2012 Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the
       same terms as Perl itself.

perl v5.16.2							    2012-10-06						   Net::LDAP::Extra::AD(3)
All times are GMT -4. The time now is 04:41 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy