I am able to authenticate users with LDAP from an AD2016. IE
# lsuser -R LDAP ksunksun id=2209 pgrp=staff ...When configure ldap, it is automatically figured out OU paths in /etc/security/ldap/ldap.cfg for automount and services
servicebasedn:OU=services,OU=nis,DC=...automountbasedn:OU=autofs,OU=nis,DC=...I created OU nis and sub-OU autofs and services when we setup SSSD for RHEL7/8.
My question is how/where to tell AIX to use automountbasedn:OU=autofs,OU=nis,... and servicebasedn:OU=services,OU=nis,DC=...
I understand the file /etc/irs.conf is similar/equivalent to /etc/nsswitch.conf on other unixe.
It currently look like thisautomount nis_ldap filesservices nis_ldap continueservices nis continueservices localDo I need put more entries or do I need modify some other files?
The current /etc/methods.cfg
LDAP:program = /usr/lib/security/LDAPprogram_64 =/usr/lib/security/LDAP64NIS:program = /usr/lib/security/NISprogram_64 = /usr/lib/security/NIS_64DCE:program = /usr/lib/security/DCEKRB5:program = /usr/lib/security/KRB5program_64 = /usr/lib/security/KRB5_64And the curret /etc/security/ldap/ldap.cfg
# grep '^[:a-z:]' /etc/security/ldap/ldap.cfg
ldapservers:ad-lex1binddn:CN=Admin - ...bindpwd:{DESv2}C1 ...authtype:ldap_authuseSSL:nouserattrmappath:/etc/security/ldap/sfur2user.mapgroupattrmappath:/etc/security/ldap/sfur2group.mapuserbasedn:CN=Users,DC=...groupbasedn:CN=Users,DC=...servicebasedn:OU=services,OU=nis,DC=...automountbasedn:OU=autofs,OU=nis,DC=...userclasses:user,person,organizationalpersongroupclasses:groupldapport:389searchmode:ALLdefaultentrylocation:LDAPThe LPAR is running AIX7.3
Any suggestion is appreciated.
Thanks!
--Kang
------------------------------
Kang Sun
------------------------------