AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.


#Power
#Power
 View Only
Back to discussions
Expand all | Collapse all

Combining AD authentication with UNIX authorisation

  • 1.  Combining AD authentication with UNIX authorisation

    Posted Tue December 22, 2009 06:13 AM

    Originally posted by: JMRoderick


    I'd like to know if it's possible to use our MSAD LDAP directory to authenticate users on our AIX 5.3/6.1 systems but retain authorisation at the local AIX level (i.e. I don't want to store UID/GID/shell/group information in the AD).

    All documentation suggests that once LDAP is configured for authentication, all the user properties are read from the AD.

    Thanks

    Jon
    #AIX-Forum


  • 2.  Re: Combining AD authentication with UNIX authorisation

    Posted Sat February 20, 2010 02:53 AM

    Originally posted by: SystemAdmin


    You can use just Kerberos authentication from MS Active Directory.
    Then you can control all user profile settings & authorizations from within AIX.
    But they will get their password from AD.

    http://www-03.ibm.com/systems/resources/systems_p_os_aix_whitepapers_aix_kerberos2.pdf
    or
    http://www-03.ibm.com/support/techdocs/atsmastr.nsf/5cb5ed706d254a8186256c71006d2e0a/b60ca850bdcd30758625766300760dea/$FILE/SSOforSAPNWASABAPonPower.pdf
    covers some of the same subject matter.

    If you are authenticating to a Windows 2008 Domain Controller/KDC you may need to install
    KB951191 in order to address a bug where it will not recognize the SPN correctly <service>/hostname@REALM
    #AIX-Forum


Related Content