LDAP user authentication problem

Status
Not open for further replies.

21sam

MIS
Jul 20, 2005
26
US
Hi,
I am trying to add an AIX5.2ML07 client to our LDAP server, which is running in a Solaris environment (Sun ONE Directory Server).

I ran mksecldap from the AIX client with the proxyagent DN and it set up the client without any problem.

The client talks with our LDAP server and I checked the config file /etc/security/ldap/ldap.cfg; it looks OK.

When I run the finger command with an LDAP user name (logged in as root), it identifies the user. That seems OK.

Now the problem is "it does not authenticate the user, i.e. the LDAP-defined user is not able to log in to this server".

I checked the netgroup and I did update on the LDAP server.

Can you guide me to the next step?

Thanks in advance for your reply.
 
Did you set the following in the default: stanza of /etc/security/user?

SYSTEM = "LDAP or compat"

 
I just modified this attribute under the default category of /etc/security/user.

But it does not help to solve the issue.

Any further tuning to fix this problem?

Thanks
 
lsuser -R LDAP -a rlogin your_user
lsuser -R LDAP -a hostsallowedlogin your_user
lsuser -R LDAP -a hostsdeniedlogin your_user


# grep LDAP /usr/lib/security/methods.cfg
LDAP:
program = /usr/lib/security/LDAP
program_64 = /usr/lib/security/LDAP_64

(The above should be set when you configured the client with the mksecldap command.)


And clear the LDAP cache when you are using the ITDS LDAP client:

/usr/sbin/flush-secldapclntd


I am using IBM's ITDS 6.0 and it works OK with the above settings. The only difference is that I was not using the mksecldap command but configured the AIX LDAP client manually.

So, what I did was:

1. Installed the AIX native LDAP client + GSKit (32-bit mode):

If the above links do not work, you should follow the following link:


2. After successful installation I modified these files:

/etc/security/ldap/ldap.cfg (to set my suffix, ldap server, ssl, keydb password, ldap server password, max threads decreased to 5, cache to 300 secs)
/etc/security/user (adjusted mentioned SYSTEM in default: stanza)
/usr/lib/security/methods.cfg (added to lines):
LDAP:
program = /usr/lib/security/LDAP
program_64 = /usr/lib/security/LDAP_64

3. Started ldap client with command:

/usr/sbin/start-secldapclntd

When all configured threads were established, LDAP started working. Authentication works properly.
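
Added example, not part of the thread: a read-only check of the two stanza files the replies point at, the SYSTEM attribute in the default: stanza of /etc/security/user and the LDAP: stanza of /usr/lib/security/methods.cfg. The function names and the sample files are constructed for illustration; on a real client, pass the actual file paths instead.

```shell
#!/bin/sh
# stanza_get FILE STANZA ATTR -> prints the attribute value, quotes stripped.
stanza_get() {
    awk -v want="$2" -v attr="$3" '
        /^[ \t]*\*/ || /^[ \t]*$/ { next }      # skip "*" comments and blank lines
        /^[^ \t=]+:[ \t]*$/ {                    # stanza header such as "default:"
            name = $0; sub(/:[ \t]*$/, "", name)
            in_stanza = (name == want); next
        }
        in_stanza {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t"]+|[ \t"]+$/, "", val)
            if (key == attr) { print val; exit }
        }
    ' "$1"
}

# check_ldap_client USERFILE METHODSFILE -> prints findings, returns their count.
check_ldap_client() {
    findings=0
    system=$(stanza_get "$1" default SYSTEM)
    case "$system" in
        *LDAP*) ;;
        *) echo "default: SYSTEM='$system' does not include LDAP"
           findings=$((findings + 1)) ;;
    esac
    for attr in program program_64; do
        if [ -z "$(stanza_get "$2" LDAP "$attr")" ]; then
            echo "methods.cfg: LDAP stanza is missing $attr"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Constructed sample files. user.bad sets LDAP only for root, not in default:.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf 'default:\n\tSYSTEM = "compat"\n\nroot:\n\tSYSTEM = "LDAP"\n' > "$demo/user.bad"
printf '* constructed\ndefault:\n\tSYSTEM = "LDAP or compat"\n' > "$demo/user.good"
printf 'EXAMPLE:\n\tprogram = /constructed/path\n\nLDAP:\n\tprogram = /usr/lib/security/LDAP\n\tprogram_64 = /usr/lib/security/LDAP_64\n' > "$demo/methods.cfg"
check_ldap_client "$demo/user.bad" "$demo/methods.cfg" || echo "findings: $?"
check_ldap_client "$demo/user.good" "$demo/methods.cfg" && echo "client files look consistent"
```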
 
Thank you so much for your help

samy
 