I have been able to configure on an AIX 5.2 ldap.cfg so service starts correctly.
but when I try to log on with a windows user after entering the password login hangs and get no response.
I have set it up on Aix 5.3 with no problem but in Aix 5.2 I have not been able to log in.
ldap.cfg :
I have modified the attributes so they are corrrectlky mapped to the AD attributes :
Code:
username SEC_CHAR uid s
spassword SEC_CHAR unixUserPassword s
id SEC_INT uidNumber s
pgrp SEC_CHAR gidNumber s
gecos SEC_CHAR gecos s
home SEC_CHAR unixHomeDirectory s
shell SEC_CHAR loginShell s
lastupdate SEC_INT shadowlastchange s
/etc/security/user :
Code:
default:
SYSTEM = "LDAP"
/usr/lib/security/methods.cfg :
LDAP:
program = /usr/lib/security/LDAP
program_64 = /usr/lib/security/LDAP64
Anyone has has expierenced a problem like this?
Moderator's Comments:
Please use CODE tags for posting code, configuration files or output
Last edited by rbatte1; 08-01-2014 at 06:20 AM..
Reason: Added CODE tags
Has anyone successfully authenticated unix users via Active Directory using
LDAP client on AIX v5.2 or v5.3?? ldapsearch from our unix box retrieves
info from AD but having trouble authenticating unix id when I logon - get a msg ': 3004-318 Error obtaining the user's password information'. Not... (0 Replies)
Hi Gurus
I am a novice in LDAP and need to configure an LDAP client(Solaris 10).
The client has to bind to an AD for LDAP queries. I have created a user called testbind in AD for binding purpose.
I am planning to configure LDAP client manually(as the requirement is as such).
This is the... (16 Replies)
Hello,
I am trying to configure an AIX machina to authenticate against a Windows 2003 AD, and I am desesperately trying to find the ldap.client lpp
in the internet.
I am using AIX 5.3 and I don't have access to the DVD media,
please help!
Thankyou,
Tiago (2 Replies)
Hi All,
I am getting one strange problem of empty LDAP_client_ file. There was one /var 100% overload issue few days back. After that we are observing this new issue.
I got to know about similar issue SunSolve Bug ID 6495683 - “LDAP client files & cred files are deleted when /var is full”... (1 Reply)
Configure ldap client:
I have configured my ldapclient with the AuthenticationMethod=simple and with the credentialLevel=proxy. However, as soon as i want to set the AuthenticationMethod=sasl/GSSAPI, and credentiallevel=self, then it fails to configure. Kerberos is already setup successfully. The... (0 Replies)
Hello,
I'm new to Centos and to openldap. I am by trade a Solaris Admin. I'm experimenting with openldap and thought Linux would be easier to install and setup openldap on, so far this is true. The problem I'm having is that I can't get the client server to authenticate to the openldap server. I... (1 Reply)
Hi,
I am trying to authenticate AIX server against a IDS LDAP instance.
The AIX version is 6.1 and TDS client is 6.1.
I configured the secldapclntd using ldap.cfg file and changed /etc/security/user to set SYSTEM=LDAP, registry=LDAP for one user. Below are the ldap.cfg configurations -
... (5 Replies)
Hi All,
Its regarding the LDAP in AIX.
we already have Microsoft Active Directory (LDAP) Server. And would like to integrate My client AIX LPAR to this LDAP server. So' that we can directly use Active directory crdentials to login. (instead of creating USERs on AIX)
from my AIX LPAR.
... (4 Replies)
Hi folks,
How can i configure an AIX LDAP client to authenticate against an Linux Openldap server over TLS/SSL?
It works like a charm without TLS/SSL.
i would like to have SSL encrypted communication for ldap (secldapclntd) and ldapsearch etc. while accepting every kind of certificate/CA.... (6 Replies)
I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful.
The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies
LEARN ABOUT MINIX
ldap_cachemgr
ldap_cachemgr(1M) System Administration Commands ldap_cachemgr(1M)NAME
ldap_cachemgr - LDAP daemon to manage client configuration for LDAP based Network Information Service lookups
SYNOPSIS
/usr/lib/ldap/ldap_cachemgr [-l log-file] [-g]
DESCRIPTION
The ldap_cachemgr daemon is a process that provides an up-to-date configuration cache for LDAP naming services. It is started during multi-
user boot.
The ldap_cachemgr utility provides caching for all parameters as specified and used by the LDAP naming service clients. The ldap_cachemgr
utility uses the cache files which are originally created by executing the ldapclient(1M) utility, as cold start files. Updates to the
cache files take place dynamically if profiles are used to configure the client. See the init option to ldapclient(1M).
The ldap_cachemgr utility helps improve the performance of the clients that are using LDAP as the Naming service repository. In order for
the LDAP naming services to function properly, the ldap_cachemgr daemon must be running. ldap_cachemgr also improves system security by
making the configuration files readable by superuser only.
The cache maintained by this daemon is shared by all the processes that access LDAP Naming information. All processes access this cache
through a door call. On startup, ldap_cachemgr initializes the cache from the cache files. See ldapclient(1M). Thus, the cache survives
machine reboots.
The ldap_cachemgr daemon also acts as its own administration tool. If an instance of ldap_cachemgr is already running, commands are passed
transparently to the running version.
OPTIONS
The following options are supported:
-g Print current configuration and statistics to standard output. This is the only option executable without superuser
privileges.
-l log-file Cause ldap_cachemgr to use a log file other than the default /var/ldap/cachemgr.log.
EXAMPLES
Example 1: Stopping and Restarting the ldap_cachemgr Daemon
The following example shows how to stop and to restart the ldap_cachemgr daemon.
example# svcadm enable network/ldap/client
example# svcadm disable network/ldap/client
Example 2: Forcing ldap_cachemgr to Reread the /var/ldap/ldap_client_file and /var/ldap/ldap_client_cred Files
The following example shows how to force ldap_cachemgr to reread the /var/ldap/ldap_client_file and /var/ldap/ldap_client_cred files
example# pkill -HUP ldap_cachemgr
FILES
/var/ldap/cachemgr.log Default log file.
/var/ldap/ldap_client_file Files containing the LDAP configuration of the client. These files are not to be modified manually. Their
/var/ldap/ldap_client_cred content is not guaranteed to be human readable. Use ldapclient(1M) to update these files.
WARNINGS
The ldap_cachemgr utility is included in the Solaris 9 release on an uncommitted basis only. It is subject to change or removal in a
future minor release.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWnisu |
+-----------------------------+-----------------------------+
SEE ALSO ldap(1), ldapadd(1), ldapdelete(1), ldaplist(1), ldapmodify(1), ldapmodrdn(1), ldapsearch(1), pkill(1), svcs(1), idsconfig(1M), ldapad-
dent(1M), ldapclient(1M), suninstall(1M), svcadm(1M), signal.h(3HEAD), resolv.conf(4), attributes(5), smf(5)NOTES
The ldap_cachemgr service is managed by the service management facility, smf(5), under the service identifier:
svc:/network/ldap/client
Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). The ser-
vice's status can be queried using the svcs(1) command.
SunOS 5.10 1 Aug 2004 ldap_cachemgr(1M)
07-31-2014
