Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Authenticate AIX users from MS Active Directory
Operating Systems AIX Authenticate AIX users from MS Active Directory Post 302500377 by kah00na on Monday 28th of February 2011 11:21:24 AM
Old 02-28-2011
As a follow up to this post, if your Windows Admins apply "Microsoft Security Bulletin MS11-013 - Important", then you will need to change the default_tkt_enctypes and default_tgs_enctypes back to their default:
Code:
default_tkt_enctypes = des3-cbc-sha1 arcfour-hmac aes256-cts des-cbc-md5 des-cbc-crc aes128-cts
default_tgs_enctypes = des3-cbc-sha1 arcfour-hmac aes256-cts des-cbc-md5 des-cbc-crc aes128-cts

I speak from experience.
 

6 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Compiling Samba from Source on AIX, Active Directory, LDAP, Kerberos

Hello, I asked this question in the AIX subforum but never received an answer, probably because the AIX forum is not that heavily trafficked. Anyway, here it is.. I have never had any issues like this when compiling applications from source. When I try to compile samba-3.5.0pre2, configure runs... (9 Replies)
Discussion started by: raidzero
9 Replies

2. UNIX for Dummies Questions & Answers

control permissions for Active Directory users on AIX

Hello, I've configured an user authentication against Active Directory (Windows Server 2008 R2) on AIX V6 with LDAP. It works fine. And here's my problem: How can I control ldap user permissions on the local AIX machine? E.g. an AD user should be able to write all files of local sys... (1 Reply)
Discussion started by: xia777
1 Replies

3. Proxy Server

Solaris 11.1 login authenticate with windows active directory

Hi, is that possible to login to solaris 11.1 authenticate with windows active directory? the user id is created in the windows active directory. Environment: Solaris 11.1 Windows 2012 Active Directory (3 Replies)
Discussion started by: freshmeat
3 Replies

4. UNIX for Advanced & Expert Users

Windows AD users authenticate to Linux

Hello folks, Please advise me what is the best way to authenticate Windows AD users against Linux machines. Currently I am going to take a look of Vintela Authentication Services and please let me know if you have experience with VIntela. Thanks in advance (1 Reply)
Discussion started by: Vit0_Corleone
1 Replies

5. AIX

AIX 7.1 - Samba 4 File Shares and Integration with Active Directory Issues

Hi. Ive recently upgraded Samba on an AIX server to Samba 4. The aim is to allow a specific group of Windows AD users to access some AIX file shares (with no requirement to enter passwords) - using AD to authenticate. Currently I have: Samba 4 installed ( and 3 daemons running) Installed... (1 Reply)
Discussion started by: linuxsnake
1 Replies

6. AIX

Samba 3.6 on AIX 7.1 - Windows 10 Access to AIX file shares using Active Directory authentication

I am running AIX 7.1 and currently we have samba 3.6.25 installed on the server. As it stands some AIX folders are shared that can be accessed by certain Windows users. The problem is that since Windows 10 the guest feature no longer works so users have to manually type in their Windows login/pwd... (14 Replies)
Discussion started by: linuxsnake
14 Replies

LEARN ABOUT MOJAVE

net::ldap::extra::ad5.18

Net::LDAP::Extra::AD(3) 				User Contributed Perl Documentation				   Net::LDAP::Extra::AD(3)

NAME

       Net::LDAP::Extra::AD -- AD convenience methods

SYNOPSIS

	 use Net::LDAP::Extra qw(AD);

	 $ldap = Net::LDAP->new( ... );

	 ...

	 if ($ldap->is_AD || $ldap->is_ADAM) {
	   $ldap->change_ADpassword($dn, $old_password, $new_password);
	 }

DESCRIPTION

       Net::LDAP::Extra::AD tries to spare users the necessity to reinvent the wheel again and again in order to correctly encode password strings
       so that they can be used in AD password change operations.

       To do so, it provides the following methods:

METHODS

       is_AD ( )
	   Tell if the LDAP server queried is an Active Directory Domain Controller.

	   As the check is done by querying the root DSE of the directory, it works without being bound to the directory.

       is_ADAM ( )
	   Tell if the LDAP server queried is running AD LDS (Active Directory Lightweight Directory Services), previously known as ADAM (Active
	   Directoy Application Mode).

	   As the check is done by querying the root DSE of the directory, it works without being bound to the directory.

       change_ADpassword ( DN, OLD_PASSWORD, NEW_PASSWORD )
	   Change the password of the account given by DN from its old value OLD_PASSWORD to the new value NEW_PASSWORD.

	   This method requires encrypted connections.

       reset_ADpassword ( DN, NEW_PASSWORD, OPTIONS )
	   Reset the password of the account given by DN to the value given in NEW_PASSWORD.  OPTIONS is a list of key/value pairs. The following
	   keys are recognized:

	   force_change
	       If TRUE, the affected user is required to change the password at next login.

	   For this method to work, the caller needs to be bound to AD with sufficient permissions, and the connection needs to be encrypted.

AUTHOR

       Peter Marschall <peter@adpm.de<gt>

COPYRIGHT

       Copyright (c) 2012 Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the
       same terms as Perl itself.

perl v5.18.2							    2013-12-23						   Net::LDAP::Extra::AD(3)
All times are GMT -4. The time now is 09:22 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy