|
|
Sponsored Content
Operating Systems
Linux
Red Hat
Please help: Rhel5.6 and ldap+sasl
Post 302529608 by Linusolaradm1 on Thursday 9th of June 2011 08:22:01 PM
06-09-2011
|
|
7 More Discussions You Might Find Interesting
1. Red Hat
morning all,
anyone has installed samba on redhat el 5 server? after installed service (smb service in) where to edit samba configurations?
as for the el4, on desktop in application --> system setting --> server setting -- > samba.
but in el5, in the server setting no such samba... (5 Replies)
Discussion started by: maxlee24
5 Replies
2. Red Hat
Hi,
I am managing a Few Applications (like Apache,Jboss) running on RHEL 5.4.
I have just been notified that these servers need to be patched.
My question is ,will the configurations for Apache and Jboss and other applications get disturbed if the server is patched.?
If so what precautions... (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies
3. UNIX for Advanced & Expert Users
Hi
I am searching a tool like "LDAP Administrator 2011.1"/ "LDAP-SQL" but for the CLI.
Wish to use LDAP-SQL in scripts (non Windows GUI environment)
http://ldapadministrator.com/resources/english/2011.1/images/sqlquery_large.png
Softerra LDAP Administrator 2011.1 - What's New
OS is... (2 Replies)
Discussion started by: slashdotweenie
2 Replies
4. UNIX for Dummies Questions & Answers
Hello
I hope somebody can help with this.
I have a shell, that in case of failure, sends an email (relaying through an Exchange Server). This Exchange server only offers NTLM authentication.
250-AUTH NTLM
This is the configuration I have:
Postfix 2.1.1 as client.
Cyrus-SASL... (1 Reply)
Discussion started by: viktor1985
1 Replies
5. Shell Programming and Scripting
Hello
I hope somebody can help with this.
I have a shell, that in case of failure, sends an email (relaying through an Exchange Server). This Exchange server only offers NTLM authentication.
250-AUTH NTLM
This is the configuration I have:
Postfix 2.1.1 as client.
Cyrus-SASL... (1 Reply)
Discussion started by: viktor1985
1 Replies
6. HP-UX
I have installed all packages required(openldap,kerberos,cyrus-sasl)
configured ldap.conf
but when i did ldapsearch -Y gssapi return
ldapsearch -Y gssapi -H ldap://ldapserver-d -1 cn=prova
it did
ldap_msgfree
ldap_err2string
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)... (0 Replies)
Discussion started by: Linusolaradm1
0 Replies
7. Solaris
I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful.
The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies
LEARN ABOUT X11R4
ldapaddent
ldapaddent(1M) System Administration Commands ldapaddent(1M) NAME
ldapaddent - create LDAP entries from corresponding /etc files SYNOPSIS
ldapaddent [-cpv] [-a authenticationMethod] [-b baseDN] -D bindDN -w bind_password [-f filename] database ldapaddent -d [-v] [-a authenticationMethod] [-b baseDN] [-D bindDN] [-w bind_password] database DESCRIPTION
ldapaddent creates entries in LDAP containers from their corresponding /etc files. This operation is customized for each of the standard containers that are used in the administration of Solaris systems. The database argument specifies the type of the data being processed. Legal values for this type are one of aliases, auto_*, bootparams, ethers, group, hosts (including both IPv4 and IPv6 addresses), ipnodes (alias for hosts), netgroup, netmasks, networks, passwd, shadow, protocols, publickey, rpc, and services. In addition to the preceding, the database argument can be one of the RBAC-related files (see rbac(5)): o /etc/user_attr o /etc/security/auth_attr o /etc/security/prof_attr o /etc/security/exec_attr By default, ldapaddent reads from the standard input and adds this data to the LDAP container associated with the database specified on the command line. An input file from which data can be read is specified using the -f option. The entries will be stored in the directory based on the client's configuration, thus the client must be configured to use LDAP naming ser- vices. The location where entries are to be written can be overridden by using the -b option. If the entry to be added exists in the directory, the command displays an error and exits, unless the -c option is used. Although, there is a shadow database type, there is no corresponding shadow container. Both the shadow and the passwd data is stored in the people container itself. Similarly, data from networks and netmasks databases are stored in the networks container. The user_attr and audit_user data is stored by default in the people container. The prof_attr and exec_attr data is stored by default in the SolarisProfAttr container. You must add entries from the passwd database before you attempt to add entries from the shadow database. The addition of a shadow entry that does not have a corresponding passwd entry will fail. The passwd database must precede both the user_attr and audit_user databases. For better performance, the recommended order in which the databases should be loaded is as follows: o passwd database followed by shadow database o networks database followed by netmasks database o bootparams database followed by ethers database Only the first entry of a given type that is encountered will be added to the LDAP server. The ldapaddent command skips any duplicate entries. OPTIONS
The ldapaddent command supports the following options: -a authenticationMethod Specify authentication method. The default value is what has been configured in the profile. The supported authentication methods are: simple sasl/CRAM-MD5 sasl/DIGEST-MD5 tls:simple tls:sasl/CRAM-MD5 tls:sasl/DIGEST-MD5 Selecting simple causes passwords to be sent over the network in clear text. Its use is strongly discouraged. Additionally, if the client is configured with a profile which uses no authentication, that is, either the credentialLevel attribute is set to anonymous or authenticationMethod is set to none, the user must use this option to provide an authentication method. -b baseDN Create entries in the baseDN directory. baseDN is not relative to the client's default search base, but rather. it is the actual loca- tion where the entries will be created. If this parameter is not specified, the first search descriptor defined for the service or the default container will be used. -c Continue adding entries to the directory even after an error. Entries will not be added if the directory server is not responding or if there is an authentication problem. -D bindDN Create an entry which has write permission to the baseDN. When used with -d option, this entry only needs read permission. -d Dump the LDAP container to the standard output in the appropriate format for the given database. -f filename Indicates input file to read in an /etc/ file format. -p Process the password field when loading password information from a file. By default, the password field is ignored because it is usu- ally not valid, as the actual password appears in a shadow file. -w bind_password Password to be used for authenticating the bindDN. If this parameter is missing, the command will prompt for a password. NULL passwords are not supported in LDAP. When you use -w bind_password to specify the password to be used for authentication, the password is visible to other users of the sys- tem by means of the ps command, in script files or in shell history. -v Verbose. OPERANDS
The following operands are supported: database The name of the database or service name. Supported values are: aliases, auto_*, bootparams, ethers, group, hosts (including IPv6 addresses), netgroup, netmasks, networks, passwd, shadow, protocols, publickey, rpc, and services. Also supported are auth_attr, prof_attr, exec_attr, and user_attr. EXAMPLES
Example 1: Adding Password Entries to the Directory Server The following example show how to add password entries to the directory server: example# ldapaddent -D "cn=directory manager" -w secret -f /etc/passwd passwd Example 2: Adding Group Entries The following example shows how to add group entries to the directory server using sasl/CRAM-MD5 as the authentication method: example# ldapaddent -D "cn=directory manager" -w secret -a "sasl/CRAM-MD5" -f /etc/group group Example 3: Adding auto_master Entries The following example shows how to add auto_master entries to the directory server: example# dapaddent -D "cn=directory manager" -w secret -f /etc/auto_master auto_master Example 4: Dumping password Entries from the Directory to File The following examples shows how to dump password entries from the directory to a file foo: example# ldapaddent -d passwd > foo EXIT STATUS
The following exit values are returned: 0 Successful completion. >0 An error occurred. FILES
/var/ldap/ldap_client_file /var/ldap/ldap_client_cred Files containing the LDAP configuration of the client. These files are not to be modified manually. Their content is not guaranteed to be human readable. Use ldapclient(1M) to update these files. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWnisu | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ SEE ALSO
ldap(1), ldaplist(1), ldapmodify(1), ldapmodrdn(1), ldapsearch(1), idsconfig(1M), ldapclient(1M), suninstall(1M), attributes(5) System Administration Guide: Security Services SunOS 5.10 6 Jan 2004 ldapaddent(1M)