Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Where does OS X store LDAP and login settings?
Operating Systems OS X (Apple) Where does OS X store LDAP and login settings? Post 302723069 by jnojr on Monday 29th of October 2012 11:14:32 AM
Old 10-29-2012
Quote:
Originally Posted by xbin
Beyond the traditional /etc for system configurations
I haven't been able to find anything in /etc There's an /etc/openldap/ldap.conf but it's empty, even after I use the Directory Utility to create a bogus entry. Using find to look for any file modified within the past minute or two after using that utility also turns up nothing.

Quote:
OS X uses preference files in xml or binary format located in /Library/Preferences. These files are usually operated on with the tools, defaults and PlistBuddy. Some of what you are looking for would be placed in the /Library/Preferences/loginwindow.plist
There's no such file as /Library/Preferences/loginwindow.plist There is no "loginwindow.plist" anywhere in /Library or /System/Library.

I'm really hoping for someone who KNOWS the answer. I can guess and poke around and experiment as much as anyone, but I can only spend so much time on trying to figure out the depthless mysteries of OS X :-P

---------- Post updated at 08:14 AM ---------- Previous update was at 08:04 AM ----------

Quote:
Originally Posted by [MA]Flying_Meat
dscl
id
odutil
Thanks, I'll look into those.

Quote:
I have no idea what DISA STIG is
DISA STIGS

"The Security Technical Implementation Guides (STIGs) and the NSA Guides are the configuration standards for DOD IA and IA-enabled devices/systems."

Quote:
or the specific items it is supposed to test for, but, just some suggestions...
The specific items I'm trying to check:

Check Content:
Open Finder.
Click the Hard Drive icon.
Double Click System.
Double Click Library.
Double Click CoreServices.
Double Click Directory Utility.
Click the Show Advanced Options button.
Click Services tab.
Click the Lock and enter the password to unlock the options (if needed).
Click the LDAPv3 service.
Click the Pencil icon.
Highlight the Server Name/Configuration Name.
Click Edit.
Click the Connection tab and verify "Encrypt using SSL" is selected. If "Encrypt using SSL" is not selected, this is a finding.
Click the Security tab and verify the "Use authentication when connecting" is checked. If option is not checked, this is a finding.
Click on Security tab and verify the "Disable clear text passwords" is checked. If the value is not checked, this is a finding.
Click on Security tab and verify the "Digitally sign all packets (requires Kerberos) " is checked. If the value is not checked, this is a finding.
Click on Security tab and verify the "Encrypt all packets (requires SSL or Kerberos) " is checked. If the value is not checked, this is a finding.
Click on Security tab and verify the "Block man-in-the-middle attacks (requires Kerberos)" is checked. If the value is not checked, this is a finding.

Since that's all server config issues, I doubt that directory queries would return them. Those settings have to be stored somewhere local... I just need to find out where. Dunno what's wrong with plaintext config files!
 

9 More Discussions You Might Find Interesting

1. Web Development

APACHE: Tie in Web Page login with server login

Hello, I have created a web page on a server using apache and added .htaccess and .htpasswd in the folder for authentification. I was wondering if there was anyway to tie-in the login for this page with the login used to logon to the server. i.e. the same login info. is used for both,... (2 Replies)
Discussion started by: WhotheWhat
2 Replies

2. UNIX for Advanced & Expert Users

Different login shells in LDAP

Hi folks, we have a very heterogenous server environment. There are also lots of AIX and Linux servers which usually have different login shells and all servers have to be integrated into LDAP. The LDAP Meta Directory is hosted by a Novell eDirectory. On our Linux boxes it is usually bash, on... (5 Replies)
Discussion started by: zaxxon
5 Replies

3. Shell Programming and Scripting

ksh script that echo " please insert your name " and store the output to a login.log file.

Hello All Nice to meet you all here in this forum, it's my 1rst time here i'm asking about a little issue that i face i added a ksh script that echo " please insert your name " and store the output to a login.log file. the script is working fine with normal telnet but Xstart is not working... (8 Replies)
Discussion started by: islam.said
8 Replies

4. Shell Programming and Scripting

What settings are required for login to CVS using Terminal in Mac OS X?

Hi All, I want to login to CVS using terminal. I am executing the following command in the terminal :- export CVSROOT=: pserver:ags_rd@istcvs.corp.apple.com:/istcvs/CVSHOME cvs login But i get the following error : Afreens-iMac:buildTest Afreen$ export CVSROOT=:... (3 Replies)
Discussion started by: Afreen
3 Replies

5. OS X (Apple)

What settings are required for login to CVS using Terminal in Mac OS X?

Hi All, I want to login to CVS using terminal. I am executing the following command in the terminal :- export CVSROOT=: pserver:ags_rd@istcvs.corp.apple.com:/istcvs/CVSHOME cvs login But i get the following error : Afreens-iMac:buildTest Afreen$ export CVSROOT=:... (1 Reply)
Discussion started by: Afreen
1 Replies

6. AIX

Stty settings before login

Hello. I'm experiencing a frustrating issue. I'm using an old, unsupported terminal client (QVT) with AIX 6.1 using ssh2. I've come up with some stty settings that allow full usage of the system but to do so I've had to set "igncr". While this works fine once the user is logged in there are... (12 Replies)
Discussion started by: RedCabbage
12 Replies

7. UNIX for Advanced & Expert Users

something like LDAP Administrator 2011.1 "LDAP-SQL" but for the CLI

Hi I am searching a tool like "LDAP Administrator 2011.1"/ "LDAP-SQL" but for the CLI. Wish to use LDAP-SQL in scripts (non Windows GUI environment) http://ldapadministrator.com/resources/english/2011.1/images/sqlquery_large.png Softerra LDAP Administrator 2011.1 - What's New OS is... (2 Replies)
Discussion started by: slashdotweenie
2 Replies

8. Red Hat

How to cache login in ldap clients !!! Please helpppp !!!!

Hey guys iīve one big problem with nscd.conf this donīt work i tried many examples of configuration the nscd.conf simply donīt work when i stop the ldap server i try access by ssh on the client i canīt make logon. And the database on /var/db/nscd donīt work. follows below the conf of... (0 Replies)
Discussion started by: paulo_eduardo
0 Replies

9. Solaris

LDAP Client not connecting to LDAP server

I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful. The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies
All times are GMT -4. The time now is 09:47 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy