Login or Register to Ask a Question and Join Our Community


AIX

RBAC and LDAP users (AD)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX RBAC and LDAP users (AD)
# 8  
Old 03-22-2013
The AIX scheme has two attributes: hostsallowed, hostsdenied - if I recall correctly. They are exclusive to each other, i.e., you specify what is allowed, all else is denied, or what is denied - everything else is allowed. Nice thing about this is that it is all managed via the LDAP interface, so modifications to AIX systems is needed.
This User Gave Thanks to MichaelFelt For This Post:
Janpol
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

LDAP Client not connecting to LDAP server

I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful. The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies

2. Linux

Help me with all users ldap

Need to find the ldap id's of all the users in my organizations... is there any command??? (0 Replies)
Discussion started by: Syed Imran
0 Replies

3. Linux

Monitor ldap users

Any way to find the ldap users currently logged into the clinets ? I am using Openldap with NFS for home directory mounts. (0 Replies)
Discussion started by: nitin09
0 Replies

4. Solaris

LDAP users with RBAC Roles

I have an issue with integration between Microsoft LDAP users and RBAC roles defined in a Solaris box. to explain more , i managed to integrate Microsoft Active Directory user loggings to Solaris boxes. I've done it to centralize user repo. and instead of creating admin accounts on more than... (9 Replies)
Discussion started by: mduweik
9 Replies

5. Solaris

rbac problem.

Hi all! On backup server with contab my script worked, but one command don't fine to be executed: bash-3.00$ scp itadmin@172.17.0.44:/export/backups/* /bckp1/opencms/bcp_`date +%Y%m%d`/ www-zone.cfg 100%... (0 Replies)
Discussion started by: sotich82
0 Replies

6. UNIX for Dummies Questions & Answers

Unix Rbac

Can anyone help me on "How to change Unix to support RBAC policy"? (4 Replies)
Discussion started by: JPoroo
4 Replies

7. Solaris

RBAC Help

do i have to create a new account to add a role? i want the sysadmin login i have 3 users on my systems sysadmin secman oc01 also 3 profiles SA (goes t0 sysadmin account) SSO (goes to secman account) LMICS (goes to oc01 account) the user accounts are located in /h/USERS/local the... (4 Replies)
Discussion started by: deaconf19
4 Replies

8. Solaris

Rbac

I am trying to let user asillitoe su to the godbrook role to execute commands. I have editted files as follows: user_attr: asillito::::type=normal;roles=godbrook godbrook::::type=role;profiles=Gadbrook,All prof_attr: Gadbrook:::Allow root commands to be used by godbrook: exec_attr:... (0 Replies)
Discussion started by: chrisdberry
0 Replies

9. UNIX for Advanced & Expert Users

link LDAP-Users

hi, is it possible to link users on a LDAP-Server from one container to another? we have two trees, one for AIX and one for solaris-linux but we have a few users in both trees, they should have the same password and a password change must affect both entries we use IBM Directory Server... (3 Replies)
Discussion started by: funksen
3 Replies

10. UNIX for Advanced & Expert Users

Equivalent of ADMCHG for LDAP Users

All newly created Aix5 users are forced to change password first time when they log in. We know removing the ADMCHG flag in passwd file will not prompt the user for change password. But we are trying to figure out the similar solution if the user is created as a LDAP user ?. Any help? Thanks... (0 Replies)
Discussion started by: vipas
0 Replies
Login or Register to Ask a Question

LEARN ABOUT SUSE

net::ldap::control::managedsait

Net::LDAP::Control::ManageDsaIT(3)			User Contributed Perl Documentation			Net::LDAP::Control::ManageDsaIT(3)

NAME

       Net::LDAP::Control::ManageDsaIT - LDAPv3 Manage DSA-IT control object

SYNOPSIS

	use Net::LDAP;
	use Net::LDAP::Control::ManageDsaIT;

	$ldap = Net::LDAP->new( "ldap.mydomain.eg" );

	$manage = Net::LDAP::Control::ManageDsaIT->new( critical => 1 );

	$msg = $ldap->modify( 'dc=sub,dc=mydomain,dc=eg",
			      changes => [
				delete => { ref => 'ldap://ldap2/dc=sub,dc=mydom,dc=eg' },
				add => { ref => 'ldap://ldap3/dc=sub,dc=mydom,dc=eg' } ],
			      control  => [ $manage ] );

	die "error: ",$msg->code(),": ",$msg->error()  if ($msg->code());

DESCRIPTION

       "Net::LDAP::Control::ManageDsaIT" provides an interface for the creation and manipulation of objects that represent the "ManageDsaIT"
       control as described by RFC 3296.

CONSTRUCTOR ARGUMENTS

       Since the "ManageDsaIT" control does not have any values only the constructor arguments described in Net::LDAP::Control are supported

METHODS

       As there are no additional values in the control only the methods in Net::LDAP::Control are available for "Net::LDAP::Control::ManageDsaIT"
       objects.

SEE ALSO

       Net::LDAP, Net::LDAP::Control,

AUTHOR

       Peter Marschall <peter@adpm.de>.

       Please report any bugs, or post any suggestions, to the perl-ldap mailing list <perl-ldap@perl.org>

COPYRIGHT

       Copyright (c) 2004 Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the
       same terms as Perl itself.

perl v5.12.1							    2010-03-12					Net::LDAP::Control::ManageDsaIT(3)