07-23-2015
AD Group Policy Management and Kerberos / LDAP
Has anyone attempted to define GPO / HBAC policies in Windows Server 2012 that could be respected by Kerberos/LDAP on AIX?
I'm looking to associate servers to groups so that when a user part of a group tries to login to a host not associated with that group, it would be denied. This would allow me to define finer group scope controls that we need / are looking for.
Has anyone done this? I'll try to post the same thread on a windows forum as well.
Thanks!
Dev
7 More Discussions You Might Find Interesting
1. HP-UX
I am getting the following error message when trying to login to the client:
while verifying tgt
If I move the /etc/krb5.keytab out of /etc, it works fine. This is HP-UX v23
Does anyone have any ideas? (1 Reply)
Discussion started by: dhernand
1 Replies
2. AIX
Good day
I am trying to configure Kerberos and LDAP authentication on AIX 5.3 with Windows 2003 R2 but something is not quite right.
When I ran kinit username I get a ticket and I can display it using klist.
When the user login I can see the ticket request on Windows 2003, but the user... (1 Reply)
Discussion started by: mariusb
1 Replies
3. UNIX for Advanced & Expert Users
Hello, I asked this question in the AIX subforum but never received an answer, probably because the AIX forum is not that heavily trafficked. Anyway, here it is..
I have never had any issues like this when compiling applications from source. When I try to compile samba-3.5.0pre2, configure runs... (9 Replies)
Discussion started by: raidzero
9 Replies
4. Solaris
hi,
how to assign group policy to user in solaris (1 Reply)
Discussion started by: meet2muneer
1 Replies
5. Windows & DOS: Issues & Discussions
hi,
did anyone know how to configure a priority of dns ports (and other ports) on QOS on windows 2003? hard to understand the group policy "explain" tab on 'qos packet scheduler', no elaboration on how to use it.
thanks for any comment you may add.
---------- Post updated at 05:03 PM... (0 Replies)
Discussion started by: itik
0 Replies
6. Solaris
Hi, FYI, I'm new in Solaris
I'm trying to use Kerberos on authenticating LDAP Client with the Active Directory on Windows Server 2003 on both Solaris 10 5/08 and Solaris 10 9/10 by referring to the pdf file kerberos_s10.pdf available at sun official site.
... (0 Replies)
Discussion started by: chongzh
0 Replies
7. AIX
The KRB5ALDAP compound load module is giving me fits. Everything looks like it should be working, but no.
Goal: Integrate AIX host with Active Directory using a KRB5ALDAP compound load module so that users can be created in AD and used in AIX, with unix attributes (registry values) being... (2 Replies)
Discussion started by: jgeiger
2 Replies
LEARN ABOUT DEBIAN
sge_hostgroup
HOSTGROUP(5) Sun Grid Engine File Formats HOSTGROUP(5)
NAME
hostgroup - host group entry file format
DESCRIPTION
A host group entry is used to merge host names to groups. Each host group entry file defines one group. Inside a group definition file
you can also reference to groups. These groups are called subgroups. A subgroup is referenced by the sign "@" as first character of the
name.
A list of currently configured host group entries can be displayed via the qconf(1) -shgrpl option. The contents of each enlisted host
group entry can be shown via the -shgrp switch. The output follows the hostgroup format description. New host group entries can be created
and existing can be modified via the -ahgrp, -mhgrp, -dhgrp and -?attr options to qconf(1).
Note, Sun Grid Engine allows backslashes () be used to escape newline (
ewline) characters. The backslash and the newline are replaced
with a space (" ") character before any interpretation.
FORMAT
A host group entry contains following parameters:
group_name
The group_name defines the host group name. Host group names have to begin with an '@' character as explained for hostgroup_name in
sge_types(5).
hostlist
The name of all hosts and host groups (see host_identifier in sge_types(1)) which are member of the group. As list separators white-spaces
are supported only. Default value for this parameter is NONE.
Note, if the first character of the host_identifier is an "@" sign the name is used to reference a hostgroup(5) which is taken as sub group
of this group.
EXAMPLE
This is a typical host group entry:
group_name @bigMachines
hostlist @solaris64 @solaris32 fangorn balrog
The entry will define a new host group called @bigMachines. In this host group are the host fangorn, balrog and all members of the host
groups @solaris64 and @solaris32.
SEE ALSO
sge__types(1), qconf(1)
COPYRIGHT
See sge_intro(1) for a full statement of rights and permissions.
SGE 6.2u5 $Date$ HOSTGROUP(5)