Login or Register to Ask a Question and Join Our Community


Solaris

Solaris 10 authenticating to AD

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris Solaris 10 authenticating to AD
# 1  
Old 04-06-2009
Solaris 10 authenticating to AD
Hi all. A while back i began looking a using Sun One JDS for our S10 environment which subsequently fell by the wayside as other more pressing things cropped up :-)

Now its ugly head has popped up again but with the prerequisite that we authenticate against AD.

So, i have a few questions.

1) I have no experience with LDAP but that seems to be the logical way forward as far as the transport side of things goes. Do anyone have any 'easy guide' to installing/running LDAP on S10?

2) Integrating with AD. I guess the obvious question is how??????

3) can i choose to only authenticate certain user's ie just some staff users rather than the root/admin users?

Any help would be much appreciated, especially as i have no experience with LDAP/AD (although someone else will be dealing with the actually AD configuration side.

Thanks

pete
# 2  
Old 04-06-2009
Hi Boneyard,

This blog is an encyclopedia in itself : Refined Solaris 10-AD Integration Instructions - blog.scottlowe.org - The weblog of an IT pro specializing in virtualization, storage, and servers.

I too am working on same. Currently held up at LDAP client config part.
Good luck.

HG
# 3  
Old 04-06-2009
Thanks for the reply Renjesh. I've had quick look through that and still have a few questions though :-)

My main concern is that i dont want to authenticate all users, any ideas how this would be accomplished ie i only want staff users to authenticate against AD but root/admin locally

Cheers
# 4  
Old 04-06-2009
Quote:
i only want staff users to authenticate against AD but root/admin locally
Do not install an account called root in AD.
Ensure that if you use SSH that the sshd_config file has "PermitRootLogin no".
Ensure the the CONSOLE= line in the /etc/default/login file is set to /dev/console.
/etc/nsswitch.conf and /etc/pam.conf will be configured to allow local as well as LDAP authentication.
# 5  
Old 04-07-2009
Thanks for the reply tony.

So when u say "configured to allow local as well as ldap", does that mean that it will look to AD first and then local if a user if not in existance on AD?

You may have guessed I'm wingng it a little here ;-)

Cheers
# 6  
Old 04-07-2009
Yes,Boney.

An entry in /etc/nsswitch.conf for passwd service will decide where to look and where not to!

HG
# 7  
Old 04-07-2009
Excellent stuff. Thanks for that guys.

Cheers
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Authenticating UNIX (Solaris 11) to Windows 2012R2 / Active Directory

Gentleman, i am trying to setup Authentication for my Solaris 11 Server through Active Directory (Server 2012 R2). At least some things are already working, for example a getent passwd mydomainuser and ldapsearch command comes back with a correct result. So not everything i did was wrong. ... (1 Reply)
Discussion started by: bahnhasser83
1 Replies

2. UNIX for Advanced & Expert Users

Authenticating with SSSD / Kerberos against Windows Server 2012 R2

I'm authenticating with SSSD / Kerberos against Windows Server 2012 R2. I've setup credentails delegation using these options: Host * GSSAPIAuthentication yes GSSAPIDelegateCredentials yes GSSAPITrustDns yes For both client/server but no luck. I've read online that I need to run... (2 Replies)
Discussion started by: Devyn
2 Replies

3. Red Hat

Not authenticating in apache server site for a folder

hi , Im configuring web site with authencation to a folder but the authentication is not happening. below is the conf file of /etc/httpd/conf/httpd.conf <VirtualHost 192.168.1.4:80> DocumentRoot /var/www/html/ ServerName redhatclient.example.com <directory... (0 Replies)
Discussion started by: redhatlbug
0 Replies

4. AIX

Users not authenticating via Kerberos on MS AD

I have AD (active directory) user, "asdf", created and a matching local AIX user name. Using "kinit", I can successfully authenticate it against the MS AD but when they I try to login via SSH with the same user name, it doesn't work. How can I get AIX to allow kerberos authentication as a valid... (1 Reply)
Discussion started by: kah00na
1 Replies

5. Solaris

Key not authenticating to another machine

I've tried everything from changing permissions on the public and private keys to creating new keys and I still cannot authenticate my private key to another machines public key. Here is the ssh -vvv output: ssh -vvv -i id_dsa account@x.x.45.137 OpenSSH_5.5p1, OpenSSL 1.0.0a 1 Jun 2010... (8 Replies)
Discussion started by: jastanle84
8 Replies

6. Shell Programming and Scripting

Authenticating user ID and Password

Hi, Can any one please tell me the way to Authenticate success or failure of the login. Here is my req: I have to telnet to multiple unix servers and execute the a script there which will give me an integer output. This output should be directed to a txt file. i dont want to provide... (1 Reply)
Discussion started by: csekhar05
1 Replies

7. AIX

Authenticating users to ADS

It is possible to authenticate AIX-users to the Windows 2003 Active Directory. But is it also possible to do full useradministration in the ADS without also adding users to the local AIX-server? I have the following working: 1. Add user to the ADS 2. Add user to AIX with 'mkuser... (2 Replies)
Discussion started by: jacco
2 Replies

8. Red Hat

Samba: Authenticating and joining AD domain as a member

Hi all, I'm having some problems with joining an active directory domain as a member. My Linux servers using the same configuration across the board are all joining as domain controllers, which is bad. I am running Samba 3.0.25b-0.4E.6 on all of my RHEL servers. Here is my global... (1 Reply)
Discussion started by: Bert
1 Replies

9. HP-UX

HP-UX authenticating to Active Directory

Hey, I've asked questions about this project here before and gotten lots of help so I figured I'd give it another try. I've recently set up my HP-UX environment to authenticate to a Windows Active Directory server (Windows Server 2003 R2). I setup an account on Active Directory which works... (2 Replies)
Discussion started by: Rike255
2 Replies
Login or Register to Ask a Question