Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: LDAP authentication client issue
Operating Systems AIX LDAP authentication client issue Post 302809165 by MichaelFelt on Saturday 18th of May 2013 12:03:33 PM
Old 05-18-2013
I will have to check my notes, but I think it is caused by the authtype:ldap_auth option you are choosing. I recall having some issues with that.

Have you tried using a command like:
Code:
LDAP_SERVER=somehost
PWD=myPassword
...
mksecldap -c -h ${LDAP_SERVER} -a cn=aixtools -p ${PWD} -d cn=aixadmin

I do not have my test installation up at the moment, so I cannot check the authtype setting when using mksecldap command.

Hope this helps!
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Module for LDAP Authentication

Hello Everyone, I have enabled LDAP authentication on my Web script by adding the list of valid users in /etc/apach2/default-server.conf. However, I now want to retrieve the username of the person that logs in. How can I do that? Is there any such module? Regards, Harsha (0 Replies)
Discussion started by: garric
0 Replies

2. Linux

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

3. Cybersecurity

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

4. Red Hat

CVS ldap authentication

I am trying to convert all my redhat servers over to ldap. I have solved almost all the probems but am having trouble getting cvs pserver to authenticate. I'm running redhat 4. Just patched everything the other day. cvs is cvs-1.11.17-9.1.el4_7.1. Any suggestions would be welcome. Obviously... (1 Reply)
Discussion started by: jhtrice
1 Replies

5. Solaris

LDAP authentication

Hi folks, i have opends 1.2 manually installed subversion 1.4.3 and apache2 updated by package manager. i want to access svn using LDAP authentication its giving an error: ldap_simple_bind_s() failed. what could be the problem. i wrote some text at the end of httpd.conf fpr ldap... (2 Replies)
Discussion started by: visu_buri
2 Replies

6. AIX

LDAP user authentication issue

Hello everyone, hoping you can provide some incite with a little problem I'm having.. I have the LDAP client configured and running on my AIX 5.3 server, which is authenticating against an eDirectory LDAP server. I can login via LDAP no problems on the AIX server with newly created users,... (4 Replies)
Discussion started by: j_aix
4 Replies

7. UNIX for Advanced & Expert Users

LDAP client issue

Hello, I'm new to Centos and to openldap. I am by trade a Solaris Admin. I'm experimenting with openldap and thought Linux would be easier to install and setup openldap on, so far this is true. The problem I'm having is that I can't get the client server to authenticate to the openldap server. I... (1 Reply)
Discussion started by: bitlord
1 Replies

8. Solaris

Authentication with LDAP in opensolaris

Hi all, I have two virtual machines, one with Suse and another with opensolaris 2009.06. The ldap server is in the Suse machine. From my opensolaris, with command ldalist i can see the information about the ldap configuration, i mean, the dn: ou:.... if i type id <ldapuser> i can see the user... (0 Replies)
Discussion started by: checoturco
0 Replies

9. AIX

LDAP authentication

Hi, We are trying to use LDAP to authenticate the login from our application. Our application is installed on AIX 6.1 and LDAP server is on active directory windows 2003. We are getting the below error when we try to login. We have the required lib file in the path it is looking for. Any idea... (3 Replies)
Discussion started by: Nand1010_MA
3 Replies

10. Solaris

LDAP Client not connecting to LDAP server

I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful. The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies

LEARN ABOUT X11R4

autofs_ldap_auth.conf

AUTOFS_LDAP_AUTH.CONF(5)					File Formats Manual					  AUTOFS_LDAP_AUTH.CONF(5)

NAME
       autofs_ldap_auth.conf - autofs LDAP authentication configuration

DESCRIPTION
       LDAP  authenticated  binds, TLS encrypted connections and certification may be used by setting appropriate values in the autofs authentica-
       tion  configuration  file  and  configuring  the  LDAP  client  with  appropriate  settings.   The  default  location  of  this	 file	is
       /etc/autofs_ldap_auth.conf.  If this file exists it will be used to establish whether TLS or authentication should be used.

       An example of this file is:

	 <?xml version="1.0" ?>
	 <autofs_ldap_sasl_conf
		 usetls="yes"
		 tlsrequired="no"
		 authrequired="no"
		 authtype="DIGEST-MD5"
		 user="xyz"
		 secret="abc"
	 />

       If  TLS	encryption is to be used the location of the Certificate Authority certificate must be set within the LDAP client configuration in
       order to validate the server certificate. If, in addition, a certified connection is to be used then the client certificate and private key
       file locations must also be configured within the LDAP client.

OPTIONS
       This files contains a single XML element, as shown in the example above, with several attributes.

       The possible attributes are:

       usetls="yes"|"no"
	      Determines whether an encrypted connection to the ldap server should be attempted.

       tlsrequired="yes"|"no"
	      This  flag  tells whether the ldap connection must be encrypted. If set to "yes", the automounter will fail to start if an encrypted
	      connection cannot be established.

       authrequired="yes"|"no"|"autodetect"|"simple"
	      This option tells whether an authenticated connection to the ldap server is required in order to perform ldap queries. If  the  flag
	      is  set  to  yes, only sasl authenticated connections will be allowed. If it is set to no then authentication is not needed for ldap
	      server connections. If it is set to autodetect then the ldap server will be queried to  establish  a  suitable  sasl  authentication
	      mechanism.  If no suitable mechanism can be found, connections to the ldap server are made without authentication. Finally, if it is
	      set to simple, then simple authentication will be used instead of SASL.

       authtype="GSSAPI"|"LOGIN"|"PLAIN"|"ANONYMOUS"|"DIGEST-MD5|EXTERNAL"
	      This attribute can be used to specify a preferred authentication mechanism.  In normal operations, the automounter will  attempt	to
	      authenticate  to	the  ldap server using the list of supportedSASLmechanisms obtained from the directory server.	Explicitly setting
	      the authtype will bypass this selection and only try the mechanism specified. The EXTERNAL mechanism may be used to authenticate us-
	      ing a client certificate and requires that authrequired set to "yes" if using SSL or usetls, tlsrequired and authrequired all set to
	      "yes" if using TLS, in addition to authtype being set to EXTERNAL.

	      If using authtype EXTERNAL two additional configuration entries are required:

	      external_cert="<client certificate path>"

	      This specifies the path of the file containing the client certificate.

	      external_key="<client certificate key path>"

	      This specifies the path of the file containing the client certificate key.

	      These two configuration entries are mandatory when using the EXTERNAL method as the HOME environment variable cannot be  assumed	to
	      be set or, if it is, to be set to the location we expect.

       user="<username>"
	      This attribute holds the authentication identity used by authentication mechanisms that require it.  Legal values for this attribute
	      include any printable characters that can be used by the selected authentication mechanism.

       secret="<password>"
	      This attribute holds the secret used by authentication mechanisms that require it. Legal	values	for  this  attribute  include  any
	      printable characters that can be used by the selected authentication mechanism.

       encoded_secret="<base64 encoded password>"
	      This  attribute  holds the base64 encoded secret used by authentication mechanisms that require it. If this entry is present as well
	      as the secret entry this value will take precedence.

       clientprinc="<GSSAPI client principal>"
	      When using GSSAPI authentication, this attribute is consulted to determine the principal name to use when authenticating to the  di-
	      rectory server. By default, this will be set to "autofsclient/<fqdn>@<REALM>.

       credentialcache="<external credential cache path>"
	      When  using GSSAPI authentication, this attribute can be used to specify an externally configured credential cache that is used dur-
	      ing authentication.  By default, autofs will setup a memory based credential cache.

SEE ALSO
       auto.master(5),

AUTHOR
       This manual page was written by Ian Kent <raven@themaw.net>.

								    19 Feb 2010 					  AUTOFS_LDAP_AUTH.CONF(5)
All times are GMT -4. The time now is 05:44 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy