AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.


#Power
#Power
 View Only
Back to discussions
Expand all | Collapse all

AIX 6.1+ ldap using rfc2307 map, AIX not rfc2307 compliant!

  • 1.  AIX 6.1+ ldap using rfc2307 map, AIX not rfc2307 compliant!

    Posted Fri May 04, 2012 03:40 PM

    Originally posted by: SystemAdmin


    Please tell me there is a way around this issue. We have many AIX servers and have them authenticated to a sun directory server using ldap. We decided to stay rfc2307 compliant, so that we can bring linux into the picture. AIX plays nice with one exception. "maxage" (which maps to shadowMax) is only in weeks, whereas the RFC states it should be "number of days the password is valid". If you attempt to set the "maxage" value higher than "52" it is not supported. This is a huge problem with non-expiring ID's. For linux, you would set the shadowMax value to "99999". Well, this breaks AIX which needs to be "0" for non-expiry. I tried changing the RFC2307user.map value for shadowMax to days, then updating the cross-platform account to "99999". AIX thinks the account is expired, while linux works fine.

    Why even offer an RFC2307 map if it's not fully compliant?

    If someone knows a solution to this issue, please let me know. It's getting a bit frustrating.
    #AIX-Forum


Related Content