aix:aix_ldap
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
aix:aix_ldap [2021/10/18 15:49] manu |
aix:aix_ldap [2021/10/18 15:51] (current) manu |
||
|---|---|---|---|
| Line 37: | Line 37: | ||
| In the file /usr/lib/security/methods.cfg enable LDAP module with: | In the file /usr/lib/security/methods.cfg enable LDAP module with: | ||
| + | <cli> | ||
| LDAP: | LDAP: | ||
| program = /usr/lib/security/LDAP | program = /usr/lib/security/LDAP | ||
| program_64 =/usr/lib/security/LDAP64 | program_64 =/usr/lib/security/LDAP64 | ||
| + | </cli> | ||
| Set default authentication to LDAP: | Set default authentication to LDAP: | ||
| + | <cli> | ||
| chsec -f /etc/security/user -s default -a "SYSTEM=LDAP or files" | chsec -f /etc/security/user -s default -a "SYSTEM=LDAP or files" | ||
| chsec -f /etc/security/user -s default -a "registry=LDAP" | chsec -f /etc/security/user -s default -a "registry=LDAP" | ||
| + | </cli> | ||
| Add creation of user home directory after first login in AIX STD_AUTH, standard authentification, since AIX 6.1 TL2. For PAM_AUTHentification, add the right parameter into /etc/pam.conf | Add creation of user home directory after first login in AIX STD_AUTH, standard authentification, since AIX 6.1 TL2. For PAM_AUTHentification, add the right parameter into /etc/pam.conf | ||
| Line 52: | Line 54: | ||
| To allow local login, for each local user stanza in /etc/security/user specify the following: | To allow local login, for each local user stanza in /etc/security/user specify the following: | ||
| + | <cli> | ||
| SYSTEM = "files" | SYSTEM = "files" | ||
| registry = files | registry = files | ||
| + | </cli> | ||
| + | |||
| - | AIX 6.1 | ||
| Before doing anything, install the following packages. You can find it on the AIX media. | Before doing anything, install the following packages. You can find it on the AIX media. | ||
| Line 65: | Line 68: | ||
| idsldap.cltbase61.adt 6.1.0.17 C F Directory Server - Base Client | idsldap.cltbase61.adt 6.1.0.17 C F Directory Server - Base Client | ||
| idsldap.cltbase61.rte 6.1.0.17 C F Directory Server - Base Client | idsldap.cltbase61.rte 6.1.0.17 C F Directory Server - Base Client | ||
| + | |||
| Then, re-establish the links with the following command: | Then, re-establish the links with the following command: | ||
| - | + | /opt/IBM/ldap/V6.1/bin/idslink -l 64 | |
| - | /opt/IBM/ldap/V6.1/bin/idslink -l 64 | + | |
| - | Proceed as the 5.3 from now on. | + | |
| - | + | ||
| ==== Start/Stop IBM LDAP ==== | ==== Start/Stop IBM LDAP ==== | ||
| - | <code> | + | <cli prompt='#'> |
| root@itds_server - /root >cat /etc/inittab | grep ldap | root@itds_server - /root >cat /etc/inittab | grep ldap | ||
| ldapd63:2:once: /opt/IBM/ldap/V6.3/sbin/ibmslapd -I ldapdb2 -f/home/ldapdb2/idsslapd-ldapdb2/etc/ibmslapd.conf > /dev/console 2>&1 | ldapd63:2:once: /opt/IBM/ldap/V6.3/sbin/ibmslapd -I ldapdb2 -f/home/ldapdb2/idsslapd-ldapdb2/etc/ibmslapd.conf > /dev/console 2>&1 | ||
| ids0:2345:once:/opt/IBM/ldap/V6.3/sbin/ibmdiradm -I ldapdb2 > /dev/null 2>&1 #Autostart IBM LDAP Admin Daemon Instance | ids0:2345:once:/opt/IBM/ldap/V6.3/sbin/ibmdiradm -I ldapdb2 > /dev/null 2>&1 #Autostart IBM LDAP Admin Daemon Instance | ||
| idsweb:2:once:/opt/IBM/ldap/V6.3/idstools/bin/startWebadminApp > /dev/null 2>&1 | idsweb:2:once:/opt/IBM/ldap/V6.3/idstools/bin/startWebadminApp > /dev/null 2>&1 | ||
| + | </cli> | ||
| + | |||
| + | <cli prompt='#'> | ||
| root@itds_server - /root >cat /etc/rc.shutdown | root@itds_server - /root >cat /etc/rc.shutdown | ||
| #!/bin/ksh | #!/bin/ksh | ||
| Line 101: | Line 104: | ||
| # Exit 0 is required, else server won t stop | # Exit 0 is required, else server won t stop | ||
| exit 0 | exit 0 | ||
| - | </code> | + | </cli> |
aix/aix_ldap.1634564951.txt.gz · Last modified: 2021/10/18 15:49 by manu
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
