03-14-2013
Configure Solaris to accept Active Directory user logins
Is it possible to configure a Solaris server to authenticate users against an Active Directory server when logging in via ssh?
I've seen some docs out there, I've followed their instructions, but it does not work. And I'm beginning to wonder if it is possible or even supported by Oracle. The dics I saw seemed to be making the solaris server be an AD client to access shares but i want to get ssh logins working.
Has anyone successfully done this?
7 More Discussions You Might Find Interesting
1. Solaris
Hi Everyone,
Is it possible to for Solaris 9 box to join a Windows 2000 Active Directory Domain using Samba 3.X. If so are there any How To's out there or does anyone have experience with this. I have successfully done it with RHEL 3.
Things that I configured in REDHAt to get it to... (0 Replies)
Discussion started by: morphous
0 Replies
2. Cybersecurity
Hi,
What should I change in the httpd.conf so that the apache will accept request from page from specific IP and deny all the rest IP.
I am reading the document of the apache but it is very long (700 pages) and I searched but I could not find something about this.
So if someone can explain... (0 Replies)
Discussion started by: programAngel
0 Replies
3. Solaris
Hi All, We are using solaris samba server for our company project to provide access to code to our development team.Recently our ICT has disabled wins service on Active directory due which user are not able to connect to samba share and they are getting error "No logon server available" as samba... (2 Replies)
Discussion started by: sahil_shine
2 Replies
4. Proxy Server
Hi,
is that possible to login to solaris 11.1 authenticate with windows active directory? the user id is created in the windows active directory.
Environment:
Solaris 11.1
Windows 2012 Active Directory (3 Replies)
Discussion started by: freshmeat
3 Replies
5. Solaris
We are having a hard time joining our organizations Active Directory using this guide. Keep getting hit with syntax and authentication errors.
Has anyone here joined a Solaris 11 to an Active Directory using smbadm as detailed in this example? I understand that the example I cited is mainly... (0 Replies)
Discussion started by: LittleLebowski
0 Replies
6. Solaris
Gentleman,
i am trying to setup Authentication for my Solaris 11 Server through Active Directory (Server 2012 R2).
At least some things are already working, for example a getent passwd mydomainuser and ldapsearch command comes back with a correct result. So not everything i did was wrong.
... (1 Reply)
Discussion started by: bahnhasser83
1 Replies
7. UNIX for Beginners Questions & Answers
Hi folks,
I am fairly a beginner when it comes to Solaris OS administration, but part of my job somehow has scope to provide L1-level of OS administration over a few solaris servers.
Now, we have a requirement to limit the number of simultaneous ssh logins/sessions to the server, sort of... (0 Replies)
Discussion started by: engrcha
0 Replies
LEARN ABOUT DEBIAN
authen::simple::ldap
Authen::Simple::LDAP(3pm) User Contributed Perl Documentation Authen::Simple::LDAP(3pm)
NAME
Authen::Simple::LDAP - Simple LDAP authentication
SYNOPSIS
use Authen::Simple::LDAP;
my $ldap = Authen::Simple::LDAP->new(
host => 'ldap.company.com',
basedn => 'ou=People,dc=company,dc=net'
);
if ( $ldap->authenticate( $username, $password ) ) {
# successfull authentication
}
# or as a mod_perl Authen handler
PerlModule Authen::Simple::Apache
PerlModule Authen::Simple::LDAP
PerlSetVar AuthenSimpleLDAP_host "ldap.company.com"
PerlSetVar AuthenSimpleLDAP_basedn "ou=People,dc=company,dc=net"
<Location /protected>
PerlAuthenHandler Authen::Simple::LDAP
AuthType Basic
AuthName "Protected Area"
Require valid-user
</Location>
DESCRIPTION
Authenticate against a LDAP service.
METHODS
o new
This method takes a hash of parameters. The following options are valid:
o host
Connection host, can be a hostname, IP number or a URI. Defaults to "localhost".
host => ldap.company.com
host => 10.0.0.1
host => ldap://ldap.company.com:389
host => ldaps://ldap.company.com
o port
Connection port, default to 389. May be overridden by host if host is a URI.
port => 389
o timeout
Connection timeout, defaults to 60.
timeout => 60
o version
The LDAP version to use, defaults to 3.
version => 3
o binddn
The distinguished name to bind to the server with, defaults to bind anonymously.
binddn => 'uid=proxy,cn=users,dc=company,dc=com'
o bindpw
The credentials to bind with.
bindpw => 'secret'
o basedn
The distinguished name of the search base.
basedn => 'cn=users,dc=company,dc=com'
o filter
LDAP filter to use in search, defaults to "(uid=%s)".
filter => '(uid=%s)'
o scope
The search scope, can be "base", "one" or "sub", defaults to "sub".
filter => 'sub'
o log
Any object that supports "debug", "info", "error" and "warn".
log => Log::Log4perl->get_logger('Authen::Simple::LDAP')
o authenticate( $username, $password )
Returns true on success and false on failure.
EXAMPLE USAGE
Apple Open Directory
my $ldap = Authen::Simple::LDAP->new(
host => 'od.company.com',
basedn => 'cn=users,dc=company,dc=com',
filter => '(&(objectClass=inetOrgPerson)(objectClass=posixAccount)(uid=%s))'
);
Microsoft Active Directory
my $ldap = Authen::Simple::LDAP->new(
host => 'ad.company.com',
binddn => 'proxyuser@company.com',
bindpw => 'secret',
basedn => 'cn=users,dc=company,dc=com',
filter => '(&(objectClass=organizationalPerson)(objectClass=user)(sAMAccountName=%s))'
);
Active Directory by default does not allow anonymous binds. It's recommended that a proxy user is used that has sufficient rights to search
the desired tree and attributes.
SEE ALSO
Authen::Simple::ActiveDirectory.
Authen::Simple.
Net::LDAP.
AUTHOR
Christian Hansen "chansen@cpan.org"
COPYRIGHT
This program is free software, you can redistribute it and/or modify it under the same terms as Perl itself.
perl v5.14.2 2012-04-23 Authen::Simple::LDAP(3pm)