
Lee Chin Ken
Occasional Contributor

LDAPUX integration issues.

Hi,

I am currently in the midst of setting up LDAPUX 4.17 so that my company's users authenticate via our LDAP server (Sun One) instead of authenticating on the physical server.

Btw, my company's servers are running HPUX 11.11 with Gold Patch Dec 2007.

I have basically executed /opt/ldapux/config/setup and furnished it with all the necessary information.

e.g.:
1) Directory Server (Netscape or Red Hat Directory)
2) Directory Server host
3) Directory Server port number
4) No printer schema, no automount schema
5) Profile Entry DN

I have also changed the necessary config in /etc/pam.conf, /etc/nsswitch.conf and /etc/opt/ldapux/ldapclientd.conf as attached.

Right after this, I am able to add a new user to the LDAP server via the ldap_new_entry command and query it via the ldapsearch command, but I could not authenticate with the password which I have set on the LDAP server with SHA encryption mode.

This is my screen output while logging in with my LDAP login:

HP-UX alpha B.11.11 U 9000/800 (tb)

login: leeck
Password:
LDAP Password:
Login incorrect

Wait for login retry: ..
login:

Can anyone assist me with this? I really appreciate your help.

Regards,
Ken
2 REPLIES
Steven E. Protter
Exalted Contributor

Re: LDAPUX integration issues.

Shalom Ken,

I struggled with this and worse as we tried to integrate with Windows.

I'm not fully sure this LDAP combination has been fully debugged.

I'd take the logs in /var/adm/syslog/syslog.log and the server logs and see if you can find something interesting to post.

Check for a newer version of LDAP client and improvements on the server side.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Wim Rombauts
Honored Contributor

Re: LDAPUX integration issues.

I used LDAP/UX to integrate with Microsoft AD and the integration was up and running easily, although the integration is made up of a set of loose components.
-> You need to configure the user "database" to look at /etc/passwd AND LDAP.
-> Independent of that, you need to configure the authentication to look into /etc/passwd AND LDAP.

So these are independent configurations.

Do you know the command pwget? You can try it and see if it returns all the users (from /etc/passwd and LDAP) you expect to see. And grget, if you have groups in the LDAP you wish to integrate with your system.
These commands may show if your system is able to "see" the LDAP users and groups. I think (= I am not sure) that this is the first step to be sure of.

In my /etc/nsswitch.conf, I have set files first (so that user "root" in /etc/passwd precedes a possible user "root" in the LDAP).
Maybe that makes a difference?

Any further issues are probably in /etc/pam.conf. I have HP-UX 11.23 running, and I have the impression that /etc/pam.conf has some additional libraries compared to HP-UX 11.11, so my pam.conf is not really a reference for you.
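
The two independent pieces described in the reply above (user lookup in /etc/nsswitch.conf and authentication in /etc/pam.conf) can be checked separately. The script below is an added example, not part of the original thread: the sample files are constructed, and the libpam_unix.1 / libpam_ldap.1 module paths in them are assumptions, so point the two functions at the real files on your own system.

```shell
#!/bin/sh
# Added example: sample files are constructed; PAM module paths are assumed.

# nss_check FILE DB -> "no-ldap", "files-first" or "files-not-first"
nss_check() {
    awk -v db="$2:" '
        { sub(/#.*/, ""); gsub(/\[[^]]*\]/, " ") }   # drop comments and [STATUS=action]
        $1 == db {
            for (i = 2; i <= NF; i++) {
                if ($i == "files" && !f) f = i
                if ($i == "ldap"  && !l) l = i
            }
        }
        END {
            if (!l) print "no-ldap"
            else if (f && f < l) print "files-first"
            else print "files-not-first"
        }' "$1"
}

# pam_check FILE SERVICE TYPE -> "ldap" or "no-ldap" (falls back to OTHER)
pam_check() {
    awk -v svc="$2" -v type="$3" '
        { sub(/#.*/, "") }
        $2 == type && $1 == svc     { own = 1; if ($4 ~ /ldap/) own_ldap = 1 }
        $2 == type && $1 == "OTHER" { if ($4 ~ /ldap/) other_ldap = 1 }
        END { print ((own ? own_ldap : other_ldap) ? "ldap" : "no-ldap") }' "$1"
}

SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/nsswitch.conf" <<'EOF'
# constructed sample
passwd: files ldap
group:  files [NOTFOUND=continue] ldap
hosts:  files dns
EOF
cat > "$SAMPLE_DIR/pam.conf" <<'EOF'
# constructed sample
login auth sufficient /usr/lib/security/libpam_unix.1
login auth required   /usr/lib/security/libpam_ldap.1 try_first_pass
sshd  auth required   /usr/lib/security/libpam_unix.1
OTHER auth required   /usr/lib/security/libpam_unix.1
EOF

for db in passwd group; do echo "nss $db: $(nss_check "$SAMPLE_DIR/nsswitch.conf" "$db")"; done
for svc in login sshd; do echo "pam $svc auth: $(pam_check "$SAMPLE_DIR/pam.conf" "$svc" auth)"; done
```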