Hi,
I am trying to do an ldapsearch with a filter that checks the uid and the userpassword:
$filter= "(&(uid=$user) (userpassword=$password)";
$objs = $ldap->search( base => $basedn, filter => "($filter)");
i based it on this example i found on CPAN:
$mesg = $ldap->search(
... (2 Replies)
hi all
i m writin a c program to search ldap db for values.
i used the following code after search result return a value >0
if (result==1)
{
entry=ldap_first_entry(ld,msg);
for(....;....;...)
{
// code to store the data values
}
}
i m gettin an error at... (1 Reply)
Hi
I'm not a programmer but am muddling through as best I can. I am trying to set up a PostSearchHook for Radiator (RADIUS server), that carries out an LDAP lookup, and, based on the
string returned ("staff" or "student") in the "businessCategory" attribute, will set the $role to be either 40... (3 Replies)
I would like to do an ldap search which looks for entries which do not actually have a certain attribute. Not that the attribute is Null, but where the attribute does not exist.
Is this possible using ldapsearch? (3 Replies)
How can I do a ldapsearch to find a DN for a user when I know the exact cn for that user out of active directory.
I have tried several different commands (hundreds) but need the -b with the full dn to perform the search using ldapsearch from AIX. I am trying to find the OU for a user and the... (1 Reply)
I am posting in this section because in this regard I am a Dummy. I know very little about ldap.
We have a couple of ldap registries running on an AIX box. I can connect into those registries using an openldap browser.
But I am trying to run some queries against the registry on the server itself,... (1 Reply)
Hi Friends,
I have below scenarios .
dom1.test.com - LDAP
dom2.test.com - AD
Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with
dom1\username -> get authenticated by LDAP host
... (2 Replies)
I need to write LDAP group query where I need to find if a particular user is a member of a 2 specific Groups. This is LDAP Novell edirectory implementation.
Below are the details -
================
LDIF entry for OndotAPI group
dn: cn=OndotAPI,ou=Groups,o=CNS
changetype: add ... (0 Replies)
I have an in interesting dilemna that I am trying to address. I have some ldap queries that I use to retrieve user information to perform access validations on a quarterly/annual basis. I can successfully pull the local users, and I can use ldapsearch to pull back all the users from the DN as well.... (7 Replies)
Discussion started by: dagamier
7 Replies
LEARN ABOUT V7
roles
roles(1) User Commands roles(1)NAME
roles - print roles granted to a user
SYNOPSIS
roles [ user ...]
DESCRIPTION
The command roles prints on standard output the roles that you or the optionally-specified user have been granted. Roles are special
accounts that correspond to a functional responsibility rather than to an actual person (referred to as a normal user).
Each user may have zero or more roles. Roles have most of the attributes of normal users and are identified like normal users in passwd(4)
and shadow(4). Each role must have an entry in the user_attr(4) file that identifies it as a role. Roles can have their own authorizations
and profiles. See auths(1) and profiles(1).
Roles are not allowed to log into a system as a primary user. Instead, a user must log in as him-- or herself and assume the role. The
actions of a role are attributable to the normal user. When auditing is enabled, the audited events of the role contain the audit ID of the
original user who assumed the role.
A role may not assume itself or any other role. Roles are not hierarchical. However, rights profiles (see prof_attr(4)) are hierarchical
and can be used to achieve the same effect as hierarchical roles.
Roles must have valid passwords and one of the shells that interprets profiles: either pfcsh, pfksh, or pfsh. See pfexec(1).
Role assumption may be performed using su(1M), rlogin(1), or some other service that supports the PAM_RUSER variable. Successful assumption
requires knowledge of the role's password and membership in the role. Role assignments are specified in user_attr(4).
EXAMPLES
Example 1: Sample output
The output of the roles command has the following form:
example% roles tester01 tester02
tester01 : admin
tester02 : secadmin, root
example%
EXIT STATUS
The following exit values are returned:
0 Successful completion.
1 An error occurred.
FILES
/etc/user_attr
/etc/security/auth_attr
/etc/security/prof_attr
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
SEE ALSO auths(1), pfexec(1), profiles(1), rlogin(1), su(1M), getauusernam(3BSM), auth_attr(4), passwd(4), prof_attr(4), shadow(4), user_attr(4),
attributes(5)SunOS 5.10 14 Feb 2001 roles(1)