From: cbaker@GOODYEAR.COM
Date: Tue Nov 18 2003 - 15:37:35 EST
John,
This sounds great....but how do I do it? If I wanted to try it, what do
I have to do to change a RS/6K that is (was) an NIS client so that it now
goes to a LDAP server and verifies a password as right? Got a white paper
or something that gives the commands to set up "pam"?
Christopher M. Baker
Goodyear Tire and Rubber Company
John Jolet
<john.jolet@FXFN To: aix-l@Princeton.EDU
.COM> cc: (bcc: Chris Baker/NA/GDYR)
Sent by: IBM AIX Subject: Re: LDAP and NIS
Discussion List
<aix-l@Princeton
.EDU>
11/18/2003 01:24
PM
Please respond
to IBM AIX
Discussion List
pluggable authentication modules...that's what linux and, to a lesser
extent, solaris use. basically, the os authenticates to pam, which (as the
name suggests) has methods that plug into it. these methods can be
"required" or "sufficient". for instance, i can require you to either have
BOTH a password locally and a password in ldap, OR just a biometric method.
you can stack the methods. at that point the os doesn't care how you
really authenticate.
-----Original Message-----
From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU]On Behalf Of
cbaker@GOODYEAR.COM
Sent: Tuesday, November 18, 2003 12:05 PM
To: aix-l@Princeton.EDU
Subject: Re: LDAP and NIS
Importance: High
pam?
Christopher M. Baker
Goodyear Tire and Rubber Company
John Jolet
<john.jolet@FXFN To: aix-l@Princeton.EDU
.COM> cc: (bcc: Chris
Baker/NA/GDYR)
Sent by: IBM AIX Subject: Re: LDAP and NIS
Discussion List
<aix-l@Princeton
.EDU>
11/18/2003 11:47
AM
Please respond
to IBM AIX
Discussion List
if you're running 5.2, there is pam for aix now. what i did on my 4.3.3
systems was write a perl script to populate my map sources from ldap and
just authenticate via nis on the boxes that wouldn't do ldap. but it was
all backed by ldap
-----Original Message-----
From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU]On Behalf Of
cbaker@GOODYEAR.COM
Sent: Tuesday, November 18, 2003 9:44 AM
To: aix-l@Princeton.EDU
Subject: LDAP and NIS
Importance: High
We are an NIS shop. Want to authenticate users via LDAP now rather than
the NIS password maps. We have a LDAP server. It is presently RedHat 9
running OpenLDAP.
Can I have users logging into AIX systems (local and remotely) using LDAP
as their only auth. method?
How do I do that? What do I switch?
If there are users who are not in the LDAP system, can I still auth those
via a much smaller NIS password map?
Thanks,
Christopher M. Baker
Goodyear Tire and Rubber Company
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:17:21 EDT