03-11-2013
Recommended approach for using centralized solution with Tivoli Directory server
We plan to implement a similar solution with Tivoli Directory server as the LDAP server.
What would be the recommended approach ? Will it work with all different flavors and versions of Unix ? we have AIX versions from 4.3 to 7.1, Solaris and Linux boxes too.
How do we handle provisioning new users when we want a centralized user repository ?
Also how can we exclude admin ids from using LDAP authentication ? e.g. root user should continue to use the unix system authentication.
Any answers, pointers would be very helpful. Thanks in advance.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hello Everyone,
I have enabled LDAP authentication on my Web script by adding the list of valid users in /etc/apach2/default-server.conf. However, I now want to retrieve the username of the person that logs in. How can I do that? Is there any such module?
Regards,
Harsha (0 Replies)
Discussion started by: garric
0 Replies
2. UNIX and Linux Applications
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Discussion started by: bptronics
1 Replies
3. Linux
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Discussion started by: bptronics
1 Replies
4. Cybersecurity
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Discussion started by: bptronics
1 Replies
5. HP-UX
Hi to all,
i try to configure an HpUx 11.23 to use a Sun Directory Server to authenticate in system.
In my ldap the users is posixAccount.
I read in www that there is a sotware called LDAPUX but it use a profile, and it requires a change that i can't execute in my ldap because it is used also... (0 Replies)
Discussion started by: suuuper
0 Replies
6. Red Hat
I am trying to convert all my redhat servers over to ldap. I have solved almost all the probems but am having trouble getting cvs pserver to authenticate. I'm running redhat 4. Just patched everything the other day.
cvs is cvs-1.11.17-9.1.el4_7.1. Any suggestions would be welcome.
Obviously... (1 Reply)
Discussion started by: jhtrice
1 Replies
7. Solaris
Hi folks,
i have opends 1.2 manually installed
subversion 1.4.3 and apache2 updated by package manager.
i want to access svn using LDAP authentication
its giving an error:
ldap_simple_bind_s() failed.
what could be the problem.
i wrote some text at the end of httpd.conf fpr ldap... (2 Replies)
Discussion started by: visu_buri
2 Replies
8. Solaris
Hi all,
I have two virtual machines, one with Suse and another with opensolaris 2009.06.
The ldap server is in the Suse machine.
From my opensolaris, with command ldalist i can see the information about the ldap configuration, i mean, the dn: ou:....
if i type id <ldapuser> i can see the user... (0 Replies)
Discussion started by: checoturco
0 Replies
9. AIX
Hi, We are trying to use LDAP to authenticate the login from our application. Our application is installed on AIX 6.1 and LDAP server is on active directory windows 2003.
We are getting the below error when we try to login. We have the required lib file in the path it is looking for. Any idea... (3 Replies)
Discussion started by: Nand1010_MA
3 Replies
10. Emergency UNIX and Linux Support
Hi Friends,
I have below scenarios .
dom1.test.com - LDAP
dom2.test.com - AD
Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with
dom1\username -> get authenticated by LDAP host
... (2 Replies)
Discussion started by: Shirishlnx
2 Replies
LEARN ABOUT CENTOS
net::ldap::extra::ad
Net::LDAP::Extra::AD(3) User Contributed Perl Documentation Net::LDAP::Extra::AD(3)
NAME
Net::LDAP::Extra::AD -- AD convenience methods
SYNOPSIS
use Net::LDAP::Extra qw(AD);
$ldap = Net::LDAP->new( ... );
...
if ($ldap->is_AD || $ldap->is_ADAM) {
$ldap->change_ADpassword($dn, $old_password, $new_password);
}
DESCRIPTION
Net::LDAP::Extra::AD tries to spare users the necessity to reinvent the wheel again and again in order to correctly encode password strings
so that they can be used in AD password change operations.
To do so, it provides the following methods:
METHODS
is_AD ( )
Tell if the LDAP server queried is an Active Directory Domain Controller.
As the check is done by querying the root DSE of the directory, it works without being bound to the directory.
is_ADAM ( )
Tell if the LDAP server queried is running AD LDS (Active Directory Lightweight Directory Services), previously known as ADAM (Active
Directoy Application Mode).
As the check is done by querying the root DSE of the directory, it works without being bound to the directory.
change_ADpassword ( DN, OLD_PASSWORD, NEW_PASSWORD )
Change the password of the account given by DN from its old value OLD_PASSWORD to the new value NEW_PASSWORD.
This method requires encrypted connections.
reset_ADpassword ( DN, NEW_PASSWORD, OPTIONS )
Reset the password of the account given by DN to the value given in NEW_PASSWORD. OPTIONS is a list of key/value pairs. The following
keys are recognized:
force_change
If TRUE, the affected user is required to change the password at next login.
For this method to work, the caller needs to be bound to AD with sufficient permissions, and the connection needs to be encrypted.
AUTHOR
Peter Marschall <peter@adpm.de<gt>
COPYRIGHT
Copyright (c) 2012 Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the
same terms as Perl itself.
perl v5.16.3 2013-06-07 Net::LDAP::Extra::AD(3)