LDAP authentication from Windows 2003 AD

From: Omer.Uyar@intertech.com.tr
Date: Sun Jun 27 2004 - 07:37:55 EDT


Hello managers,

I have a Tru64 5.1b. I have been trying to authenticate my users from Windows 2003 AD via LDAP. I have installed the OSFLDPAUTH540 and LDPUTIL100 packages on UNIX.

I have installed the Windows 2000 SSO packages on the Windows 2003 Domain Controller. It extends the schema like this:

It added two object classes named posixAccount and posixGroup and some attributes in these object classes.

In posixAccount;
uid
uidNumber
gidNumber
msSFUPassword
msSFUHomeDirectory
gecos
loginshell

In posixGroup;
msSFUName
msSFUPassword
memberUID
gidNumber

Then I configured my /etc/ldapcd.conf like this:

directory:                      tru64test.tru64.unix
searchbase:                 "cn=users,dc=tru64,dc=unix"
port:                             389
connections:                6
max_threads:                64
debug:                          1
pw_cachesize:              2000
pw_expirecache:           120
gr_cachesize:               100
gr_expirecache:            600
machine_dn:                 "cn=ldapsearch,cn=Users,dc=tru64,dc=unix"
machine_pass:             "xxxyyyzzz"
pw_oclass:                   posixAccount
pw_username:              uid
pw_password:               msSFUPassword
pw_uid:                         uidNumber
pw_gid:                         gidNumber
pw_gecos:                   gecos
pw_homedir:                 msSFUHomeDirectory
pw_shell:                      loginshell
gr_oclass:                    user
gr_name:                      msSFUName
gr_password:                msSFUPassword
gr_gid:                          gidNumber
gr_members:                MemberUID
disablegroup:                0

After all this, I ran the ldap_check utility and got the following errors:

Loaded Configuration file /etc/ldapcd.conf
Connected to LDAP server on tru64test.tru64.unix
  Search base "cn=users,dc=tru64,dc=unix" confirmed
  Retrieved Object class information
Error: could not find attribute "cn" in object class posixAccount
Error: could not find attribute "uid" in object class posixAccount
Error: could not find attribute "msSFUPassword" in object class posixAccount
Error: could not find attribute "uidNumber" in object class posixAccount
Error: could not find attribute "gidNumber" in object class posixAccount
Error: could not find attribute "gecos" in object class posixAccount
Error: could not find attribute "msSFUHomeDirectory" in object class posixAccount
Error: could not find attribute "loginshell" in object class posixAccount
  Password object class attributes check failed
Error: could not find attribute "msSFUName" in object class posixGroup
Error: could not find attribute "msSFUPassword" in object class posixGroup
Error: could not find attribute "gidNumber" in object class posixGroup
Error: could not find attribute "MemberUID" in object class posixGroup
  Group object class attributes check failed
Errors detected during directory configuration check

I have checked the AD configuration and saw that the attributes exist in the object classes.

Any help would be appreciated.

Thank you very much
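An added example (not part of the original message, and not a Tru64 or Microsoft tool): a small Python cross-check that groups the ldap_check errors by object class and lists any class or attribute named in the errors that does not appear in /etc/ldapcd.conf. It assumes the `key: value` layout and the error line format quoted in the post; the sample strings are a constructed subset of those lines, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the config and ldap_check lines quoted in the post.
SAMPLE_CONF = '''\
searchbase:   "cn=users,dc=tru64,dc=unix"
port:         389
pw_oclass:    posixAccount
pw_username:  uid
pw_uid:       uidNumber
gr_oclass:    user
gr_name:      msSFUName
gr_members:   MemberUID
'''
SAMPLE_CHECK = '''\
Error: could not find attribute "cn" in object class posixAccount
Error: could not find attribute "uid" in object class posixAccount
Error: could not find attribute "uidNumber" in object class posixAccount
Error: could not find attribute "msSFUName" in object class posixGroup
Error: could not find attribute "MemberUID" in object class posixGroup
'''
ERR = re.compile(r'could not find attribute "([^"]+)" in object class (\S+)')

def parse_conf(text):
    """Return {key: value} from 'key: value' lines, dropping surrounding quotes."""
    conf = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")  # split on the first colon only
        if sep and key.strip():
            conf[key.strip()] = value.strip().strip('"')
    return conf

def summarize(conf, check_output):
    """Group failed attributes by the class ldap_check searched, then diff against conf."""
    failed = defaultdict(list)
    for attr, oclass in ERR.findall(check_output):
        failed[oclass].append(attr)
    conf_classes = {conf.get("pw_oclass"), conf.get("gr_oclass")}
    conf_attrs = {v.lower() for k, v in conf.items()
                  if k.startswith(("pw_", "gr_")) and not k.endswith("_oclass")}
    return {
        "failed": dict(failed),
        "classes_not_in_conf": sorted(set(failed) - conf_classes),
        "attrs_not_in_conf": sorted(a for attrs in failed.values()
                                    for a in attrs if a.lower() not in conf_attrs),
    }

if __name__ == "__main__":
    for name, value in summarize(parse_conf(SAMPLE_CONF), SAMPLE_CHECK).items():
        print(f"{name}: {value}")
```

On the sample lines this reports `posixGroup` as a class the checker searched that no `*_oclass` key names, and `cn` as an attribute it looked for that no mapping key names.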



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:50:02 EDT