12-12-2014
You need to install Kerberos (actually Kerberos 5), because the much-toted "Active Directory" is simply a kerberized LDAP-server (dumbed down to the same level of usefulness you know from other M$ products).
Notice that several user properties you might need are missing in an AD and you are likely not able to get these: because there is no "home directory"-property and no "default shell" (Windows-users are homeless and suffer shelllessness) you might need to still create the users at your system using AIX methods and can only use the LDAP domain for the authentication (read: password checks). Use the "krb5" security method in in the user definition for this.
I hope this helps.
bakunin
This User Gave Thanks to bakunin For This Post:
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Has anyone successfully authenticated unix users via Active Directory using
LDAP client on AIX v5.2 or v5.3?? ldapsearch from our unix box retrieves
info from AD but having trouble authenticating unix id when I logon - get a msg ': 3004-318 Error obtaining the user's password information'. Not... (0 Replies)
Discussion started by: DANNYC
0 Replies
2. AIX
In windows, there is a software that can help integrate some fixes or files into installtion media ( I think the software is called nLight or something). For example, if you want to include some SATA drivers into the installation CD of Windows XP you would: 1)get the Windows XP installation CDs. 2)... (1 Reply)
Discussion started by: Dardeer
1 Replies
3. AIX
I have a DUAL VIO ( IBM Virtual I/O ) setup on p 570.
Two Vio server ( VIOS ) and many LPAR clients.
VIO ( latest version + service pack + applied the fix ) and AIX 6.1 ML2
When both VIOs are running, and if I turn on a Client LPAR, the LPAR hangs at LED 25b3 for more than 1 hour then it... (2 Replies)
Discussion started by: filosophizer
2 Replies
4. AIX
Hi
In my vio server I have the below output
$ lsvopt | grep -i SAPSITGS
sapsitgs_cdrom TL12UP.iso 3182
In my vio client lpar I have the below output
root@sapsitgs:/ # lsdev -Cc cdromcd0 Available Virtual SCSI Optical Served by VIO Server
cd1... (1 Reply)
Discussion started by: newtoaixos
1 Replies
5. AIX
Hello,
I've set up email alerts on AIX Servers. so that i can get email notifications (via mail relay server) when ever there is abnormal behavior.
for example
1) my script monitors CPU/disk/memory etc... when it reaches high water ark, it will send an email alert.
2) disk usage alerts
3)... (5 Replies)
Discussion started by: System Admin 77
5 Replies
6. AIX
I have been able to configure on an AIX 5.2 ldap.cfg so service starts correctly.
but when I try to log on with a windows user after entering the password login hangs and get no response.
I have set it up on Aix 5.3 with no problem but in Aix 5.2 I have not been able to log in.
ldap.cfg... (1 Reply)
Discussion started by: laxtnog
1 Replies
7. AIX
I have joined an AIX 7.1 into a 2012 AD domain sucesfully.
I can get ouput from wbinfo -u but when I try to access a share I get the following error :
check_ntlm_password: Authentication for user -> FAILED with
error NT_STATUS_NO_SUCH_USER
I have found that I'm missing... (0 Replies)
Discussion started by: laxtnog
0 Replies
8. AIX
Hi folks,
How can i configure an AIX LDAP client to authenticate against an Linux Openldap server over TLS/SSL?
It works like a charm without TLS/SSL.
i would like to have SSL encrypted communication for ldap (secldapclntd) and ldapsearch etc. while accepting every kind of certificate/CA.... (6 Replies)
Discussion started by: paco699
6 Replies
9. Solaris
I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful.
The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies
10. UNIX for Advanced & Expert Users
Hi everybody,
I have Power5 server with 4 internal hdisks each of 70Gb.
VIOS server was installed via Virtual I/O Server Image Repository on the HMC.
HMC release - 7.7.0
VIOS rootvg installed on 2 disk(these disks merged to one storage pool during VIOS install process),and 2 others hdisks... (2 Replies)
Discussion started by: Ravil Khalilov
2 Replies
LEARN ABOUT MOJAVE
curlopt_username
CURLOPT_USERNAME(3) curl_easy_setopt options CURLOPT_USERNAME(3)
NAME
CURLOPT_USERNAME - user name to use in authentication
SYNOPSIS
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_USERNAME,
char *username);
DESCRIPTION
Pass a char * as parameter, which should be pointing to the zero terminated user name to use for the transfer.
CURLOPT_USERNAME(3) sets the user name to be used in protocol authentication. You should not use this option together with the (older) CUR-
LOPT_USERPWD(3) option.
When using Kerberos V5 authentication with a Windows based server, you should include the domain name in order for the server to success-
fully obtain a Kerberos Ticket. If you don't then the initial part of the authentication handshake may fail.
When using NTLM, the user name can be specified simply as the user name without the domain name should the server be part of a single
domain and forest.
To include the domain name use either Down-Level Logon Name or UPN (User Principal Name) formats. For example, EXAMPLEuser and user@exam-
ple.com respectively.
Some HTTP servers (on Windows) support inclusion of the domain for Basic authentication as well.
To specify the password and login options, along with the user name, use the CURLOPT_PASSWORD(3) and CURLOPT_LOGIN_OPTIONS(3) options.
The application does not have to keep the string around after setting this option.
DEFAULT
blank
PROTOCOLS
Most
EXAMPLE
TODO
AVAILABILITY
Added in 7.19.1
RETURN VALUE
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.
SEE ALSO
CURLOPT_USERPWD(3), CURLOPT_PASSWORD(3), CURLOPT_HTTPAUTH(3), CURLOPT_PROXYAUTH(3)
libcurl 7.54.0 December 21, 2016 CURLOPT_USERNAME(3)