User Tools

Site Tools


aix:aix_ldap

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
aix:aix_ldap [2021/10/18 15:49]
manu
aix:aix_ldap [2021/10/18 15:51] (current)
manu
Line 37: Line 37:
  
 In the file /​usr/​lib/​security/​methods.cfg enable LDAP module with: In the file /​usr/​lib/​security/​methods.cfg enable LDAP module with:
 +<cli>
   LDAP:   LDAP:
       program = /​usr/​lib/​security/​LDAP       program = /​usr/​lib/​security/​LDAP
       program_64 =/​usr/​lib/​security/​LDAP64       program_64 =/​usr/​lib/​security/​LDAP64
 +</​cli>​
  
 Set default authentication to LDAP: Set default authentication to LDAP:
 +<cli>
   chsec -f /​etc/​security/​user -s default -a "​SYSTEM=LDAP or files"   chsec -f /​etc/​security/​user -s default -a "​SYSTEM=LDAP or files"
   chsec -f /​etc/​security/​user -s default -a "​registry=LDAP"​   chsec -f /​etc/​security/​user -s default -a "​registry=LDAP"​
 +</​cli>​
  
 Add creation of user home directory after first login in AIX STD_AUTH, standard authentification,​ since AIX 6.1 TL2. For PAM_AUTHentification,​ add the right parameter into /​etc/​pam.conf ​ Add creation of user home directory after first login in AIX STD_AUTH, standard authentification,​ since AIX 6.1 TL2. For PAM_AUTHentification,​ add the right parameter into /​etc/​pam.conf ​
Line 52: Line 54:
  
 To allow local login, for each local user stanza in /​etc/​security/​user specify the following: To allow local login, for each local user stanza in /​etc/​security/​user specify the following:
 +<cli>
         SYSTEM = "​files"​         SYSTEM = "​files"​
         registry = files         registry = files
 +</​cli>​
 +
  
-AIX 6.1 
 Before doing anything, install the following packages. You can find it on the AIX media. Before doing anything, install the following packages. You can find it on the AIX media.
  
Line 65: Line 68:
   idsldap.cltbase61.adt ​    ​6.1.0.17 ​   C     ​F ​   Directory Server - Base Client   idsldap.cltbase61.adt ​    ​6.1.0.17 ​   C     ​F ​   Directory Server - Base Client
   idsldap.cltbase61.rte ​    ​6.1.0.17 ​   C     ​F ​   Directory Server - Base Client   idsldap.cltbase61.rte ​    ​6.1.0.17 ​   C     ​F ​   Directory Server - Base Client
 +
 Then, re-establish the links with the following command: Then, re-establish the links with the following command:
- + /​opt/​IBM/​ldap/​V6.1/​bin/​idslink ​ -l 64
-/​opt/​IBM/​ldap/​V6.1/​bin/​idslink ​ -l 64 +
-Proceed as the 5.3 from now on. +
- +
  
 ==== Start/Stop IBM LDAP ==== ==== Start/Stop IBM LDAP ====
  
-<code>+<cli prompt='#'​>
 root@itds_server - /root >cat /​etc/​inittab | grep ldap root@itds_server - /root >cat /​etc/​inittab | grep ldap
 ldapd63:​2:​once:​ /​opt/​IBM/​ldap/​V6.3/​sbin/​ibmslapd -I ldapdb2 -f/​home/​ldapdb2/​idsslapd-ldapdb2/​etc/​ibmslapd.conf > /​dev/​console 2>&1 ldapd63:​2:​once:​ /​opt/​IBM/​ldap/​V6.3/​sbin/​ibmslapd -I ldapdb2 -f/​home/​ldapdb2/​idsslapd-ldapdb2/​etc/​ibmslapd.conf > /​dev/​console 2>&1
 ids0:​2345:​once:/​opt/​IBM/​ldap/​V6.3/​sbin/​ibmdiradm -I ldapdb2 > /dev/null 2>&1 #Autostart IBM LDAP Admin Daemon Instance ids0:​2345:​once:/​opt/​IBM/​ldap/​V6.3/​sbin/​ibmdiradm -I ldapdb2 > /dev/null 2>&1 #Autostart IBM LDAP Admin Daemon Instance
 idsweb:​2:​once:/​opt/​IBM/​ldap/​V6.3/​idstools/​bin/​startWebadminApp > /dev/null 2>&1 idsweb:​2:​once:/​opt/​IBM/​ldap/​V6.3/​idstools/​bin/​startWebadminApp > /dev/null 2>&1
 +</​cli>​
 +
 +<cli prompt='#'>​
 root@itds_server - /root >cat /​etc/​rc.shutdown root@itds_server - /root >cat /​etc/​rc.shutdown
 #!/bin/ksh #!/bin/ksh
Line 101: Line 104:
 # Exit 0 is required, else server won t stop # Exit 0 is required, else server won t stop
 exit 0 exit 0
-</code>+</cli>
aix/aix_ldap.1634564951.txt.gz · Last modified: 2021/10/18 15:49 by manu