10 More Discussions You Might Find Interesting
1. Emergency UNIX and Linux Support
Hi Friends,
I have below scenarios .
dom1.test.com - LDAP
dom2.test.com - AD
Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with
dom1\username -> get authenticated by LDAP host
... (2 Replies)
Discussion started by: Shirishlnx
2 Replies
2. AIX
Hi, We are trying to use LDAP to authenticate the login from our application. Our application is installed on AIX 6.1 and LDAP server is on active directory windows 2003.
We are getting the below error when we try to login. We have the required lib file in the path it is looking for. Any idea... (3 Replies)
Discussion started by: Nand1010_MA
3 Replies
3. Solaris
Hi all,
I have two virtual machines, one with Suse and another with opensolaris 2009.06.
The ldap server is in the Suse machine.
From my opensolaris, with command ldalist i can see the information about the ldap configuration, i mean, the dn: ou:....
if i type id <ldapuser> i can see the user... (0 Replies)
Discussion started by: checoturco
0 Replies
4. Solaris
Hi folks,
i have opends 1.2 manually installed
subversion 1.4.3 and apache2 updated by package manager.
i want to access svn using LDAP authentication
its giving an error:
ldap_simple_bind_s() failed.
what could be the problem.
i wrote some text at the end of httpd.conf fpr ldap... (2 Replies)
Discussion started by: visu_buri
2 Replies
5. Red Hat
I am trying to convert all my redhat servers over to ldap. I have solved almost all the probems but am having trouble getting cvs pserver to authenticate. I'm running redhat 4. Just patched everything the other day.
cvs is cvs-1.11.17-9.1.el4_7.1. Any suggestions would be welcome.
Obviously... (1 Reply)
Discussion started by: jhtrice
1 Replies
6. UNIX for Advanced & Expert Users
I see a lot of thread on LDAP Authentication but I want to enable LDAP Authentication with Authorization. Meaning, removing the user ID's and groups from the local servers and move them to an LDAP server. When a user logs in (via LDAP) they will be given their group memberships and access to the... (3 Replies)
Discussion started by: scottsl
3 Replies
7. HP-UX
Hi to all,
i try to configure an HpUx 11.23 to use a Sun Directory Server to authenticate in system.
In my ldap the users is posixAccount.
I read in www that there is a sotware called LDAPUX but it use a profile, and it requires a change that i can't execute in my ldap because it is used also... (0 Replies)
Discussion started by: suuuper
0 Replies
8. Cybersecurity
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Discussion started by: bptronics
1 Replies
9. Linux
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Discussion started by: bptronics
1 Replies
10. UNIX and Linux Applications
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Discussion started by: bptronics
1 Replies
dsconfigldap(1) BSD General Commands Manual dsconfigldap(1)
NAME
dsconfigldap -- LDAP server configuration/binding add/remove tool.
SYNOPSIS
dsconfigldap [-fvixsgmeSN] -a servername [-n configname] [-c computerid] [-u username] [-p password] [-l username] [-q password]
dsconfigldap [-fviSN] -r servername [-u username] [-p password] [-l username] [-q password]
options:
-f force authenticated binding/unbinding
-v verbose logging to stdout
-i prompt for passwords as required
-x choose SSL connection
-s enforce secure authentication only
-g enforce packet signing security policy
-m enforce man-in-middle security policy
-e enforce encryption security policy
-S do not update search policies
-N do not prompt about adding certificates
-h display usage statement
-a servername add config of servername
-r servername remove config of servername
-n configname name given to LDAP server config
-c computerid name used if binding to directory
-u username privileged network username
-p password privileged network user password
-l username local admin username
-q password local admin password
DESCRIPTION
dsconfigldap allows addition or removal of LDAP server configurations. Presented below is a discussion of possible parameters. Usage has
three intents: add server config, remove server config, or display help.
Options list and their descriptions:
-f Bindings will be established or dropped in conjunction with the addition or removal of the LDAP server configuration.
-v This enables the logging to stdout of the details of the operations. This can be redirected to a file.
-i You will be prompted for a password to use in conjunction with a specified username.
-s This ensures that no clear text passwords will be sent to the LDAP server during authentication. This will only be enabled if the
server supports non-cleartext methods.
-e This ensures that if the server is capable of supporting encryption methods (i.e., SSL or Kerberos) that encryption will be enforced
at all times via policy.
-m This ensures that man-in-the-middle capabilities will be enforced via Kerberos, if the server supports the capability.
-g This ensures that packet signing capabilities will be enforced via Kerberos, if the server supports the capability.
-x Connection to the LDAP server will only be made over SSL.
-S Will skip updating the search policies.
-N Will assume Yes for installing certificates
-h Display usage statement.
-a servername
This is either the fully qualified domain name or correct IP address of the LDAP server to be added to the DirectoryService LDAPv3
configuration.
-r servername
This is either the fully qualified domain name or correct IP address of the LDAP server to be removed from the DirectoryService
LDAPv3 configuration.
-n configname
This is the UI configuration label that is to be given the LDAP server configuration.
-c computerid
This is the name to be used for directory binding to the LDAP server. If none is given the first substring, before a period, of the
hostname (the defined environment variable "HOST") is used.
-u username
Username of a privileged network user to be used in authenticated directory binding.
-p password
Password for the privileged network user. This is a less secure method of providing a password, as it may be viewed via process
list. For stronger security leave the option off and you will be prompted for a password.
-l username
Username of a local administrator.
-q password
Password for the local administrator. This is a less secure method of providing a password, as it may be viewed via process list.
For stronger security leave the option off and you will be prompted for a password.
EXAMPLES
dsconfigldap -a ldap.company.com
The LDAP server config for the LDAP server myldap.company.com will be added. If authenticated directory binding is required by the LDAP
server, then this call will fail. Otherwise, the following parameters configname, computerid, and local admin name will respectively pick up
these defaults: ip address of the LDAP servername, substring up to first period of fully qualified hostname, and username of the user in the
shell this tool was invoked.
dsconfigldap -r ldap.company.com
The LDAP server config for the LDAP server myldap.company.com will be removed but not unbound since no network user credentials were sup-
plied. The local admin name will be the username of the user in the shell this tool was invoked.
SEE ALSO
opendirectoryd(8), odutil(1)
Mac OS April 24 2010 Mac OS