Configuring ldap-ux

Cristobal Ruiz_1 · ‎02-28-2006

Hi All,

I am configuring ldapux B.04.00.03 in a Itanium v11.23 an I have configured Active directory in a w2003 with a proxy user.

I have put the etc/krb5.keytab and configured the pam.conf and /etc/krb5.conf as it is required in the "LDAP-UX Client Services B.04.00 Microsoft Windows 2000/2003 Active Directory Administrator’s Guide"

In the syslog I find this error when trying to login as a user created in the Active Directory:
Feb 28 14:33:35 itanium login: [Cannot resolve network address for KDC in requested realm] while getting initial credentials
Feb 28 14:33:35 itanium login: [Authentication failed] Password not valid

more information:
itanium::/opt/ldapux/config>./get_profile_entry -s nss -D "CN=proxyuser,CN=Users,DC=trescasas,DC=com" -w nueva123

itanium::/opt/ldapux/config>./ldap_proxy_config -v
File Credentials verified - valid
itanium::/opt/ldapux/config>./ldap_proxy_config -p
PROXY DN: CN=proxyuser,CN=Users,DC=trescasas,DC=com

Thank you very much in advance

Bill Thorsteinson · ‎03-02-2006

Check that you can resolve the addresses
for all the servers listed in the /etc/*.conf
files. Use nslookup to verifiy lookups.
It looks like one of the servers is in
neither /etc/hosts, nor the DNS nameservers
listed in /etc/resolv.conf.

You may want to try reverse lookups. For
ip 10.20.30.40 try

nslookup 40.30.20.10.in-addr.arpa.

Note the trailing period after arpa.

Sameer_Nirmal · ‎03-02-2006

Hi,

I looks like that the Windows KDC mentioned in the "[realms]" section of /etc/krb5.conf
doesn't get resolved from LDAP-UX client.
This is probably due to different domains for KDC and LDAP client.
In this case, you need to manually map the LDAP-UX client domain name with Windows KDS domain under "[domain_realm]" section in /etc/krb5.conf.
e.g.
if your FQDN of LDAP-UX client is host.xyz.com and KDS domain (realm) is abc.com then you need to have
[domain_realm]
.xyz.com=abc.com

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Configuring ldap-ux

Configuring ldap-ux

Re: Configuring ldap-ux

Re: Configuring ldap-ux