Re: LDAP and NIS

• Previous message: cbaker_at_GOODYEAR.COM: "Re: LDAP and NIS"
• Maybe in reply to: cbaker_at_GOODYEAR.COM: "LDAP and NIS"
• Next in thread: cbaker_at_GOODYEAR.COM: "Re: LDAP and NIS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date:         Tue, 18 Nov 2003 12:24:28 -0600
To: aix-l@Princeton.EDU

pluggable authentication modules...that's what linux and, to a lesser extent, solaris use. basically, the os authenticates to pam, which (as the name suggests) has methods that plug into it. these methods can be "required" or "sufficient". for instance, i can require you to either have BOTH a password locally and a password in ldap, OR just a biometric method. you can stack the methods. at that point the os doesn't care how you really authenticate.

-----Original Message-----
From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU]On Behalf Of
cbaker@GOODYEAR.COM
Sent: Tuesday, November 18, 2003 12:05 PM
To: aix-l@Princeton.EDU
Subject: Re: LDAP and NIS
Importance: High

pam?

Christopher M. Baker
Goodyear Tire and Rubber Company

                      John Jolet
                      <john.jolet@FXFN To: aix-l@Princeton.EDU
                      .COM> cc: (bcc: Chris Baker/NA/GDYR)
                      Sent by: IBM AIX Subject: Re: LDAP and NIS
                      Discussion List
                      <aix-l@Princeton
                      .EDU>

                      11/18/2003 11:47
                      AM
                      Please respond
                      to IBM AIX
                      Discussion List

if you're running 5.2, there is pam for aix now. what i did on my 4.3.3
systems was write a perl script to populate my map sources from ldap and
just authenticate via nis on the boxes that wouldn't do ldap. but it was
all backed by ldap

-----Original Message-----
From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU]On Behalf Of
cbaker@GOODYEAR.COM
Sent: Tuesday, November 18, 2003 9:44 AM
To: aix-l@Princeton.EDU
Subject: LDAP and NIS
Importance: High

We are an NIS shop. Want to authenticate users via LDAP now rather than
the NIS password maps. We have a LDAP server. It is presently RedHat 9
running OpenLDAP.

Can I have users logging into AIX systems (local and remotely) using LDAP
as their only auth. method?

How do I do that? What do I switch?

If there are users who are not in the LDAP system, can I still auth those
via a much smaller NIS password map?

Thanks,

Christopher M. Baker
Goodyear Tire and Rubber Company

• Previous message: cbaker_at_GOODYEAR.COM: "Re: LDAP and NIS"
• Maybe in reply to: cbaker_at_GOODYEAR.COM: "LDAP and NIS"
• Next in thread: cbaker_at_GOODYEAR.COM: "Re: LDAP and NIS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: LDAP and NIS ... so haven't tested pam. ... If you want to set up a master nis server that's fed from ldap, ... the NIS password maps. ... (AIX-L) Re: LDAP and NIS ... BOTH a password locally and a password in ldap, ... Subject: LDAP and NIS ... just authenticate via nis on the boxes that wouldn't do ldap. ... the NIS password maps. ... (AIX-L) Re: Directory Server LDAP/LDIF import - working yet not working??? ... I then generated LDIF files from the /etc files on our NIS ... > 10,000-foot understanding of LDAP. ... > I already downloaded the various LDAP BluePrints and Directory Server ... (comp.unix.solaris) Directory Server LDAP/LDIF import - working yet not working??? ... We currently have NIS and are looking to get rid of NIS completely in ... I then generated LDIF files from the /etc files on our NIS ... 10,000-foot understanding of LDAP. ... This is to be nothing more than importing /etc/passwd (and ... (comp.unix.solaris) Re: Solaris 9 naming services ... Just my own experience with the Solaris implementations of NIS, ... and the Iplanet/SunONE LDAP server. ... it's hard to know what the folks at the conference ... (comp.unix.solaris)