HPE Community
Operating System - HP-UX
1820483 Members
2235 Online
109624 Solutions
New Discussion юеВ

LDAP-UX, Active Directory and Mac OS

 
Nicolas_17
Frequent Advisor

тАО06-15-2006 03:12 AM

тАО06-15-2006 03:12 AM

LDAP-UX, Active Directory and Mac OS

Hello,

I just started digging into this LDAP stuff and I have questions that may save me some time.
We have a bunch of Mac OS machines that don't play well at all with Active Directory. We also have very stable HP-UX servers.

Question: would it be simpler to have the Mac OS machines authenticate with an HP-UX server running LDAP-UX instead? Then we would have only that HP-UX server to configure to properly speak to Active Directory.

Can LDAP-UX be kind of a relay?

Nicolas.
0 Kudos
Reply
3 REPLIES 3
Nicolas_17
Frequent Advisor

тАО08-08-2006 03:49 AM

тАО08-08-2006 03:49 AM

Re: LDAP-UX, Active Directory and Mac OS

I guess this isn't so popular...

Has anyone heard a another way to sync active directory with hpux maybe?
0 Kudos
Reply
Bob Neal-Joslin
Trusted Contributor

тАО08-30-2006 08:24 AM

тАО08-30-2006 08:24 AM

Re: LDAP-UX, Active Directory and Mac OS

WARNING: I have very little expertise in configuring Mac OS X. But here's some information that might help...

LDAP-UX itself can't act as a relay for ADS. The closest solution there would be to use the NIS/LDAP Gateway and then configure your Mac OS systems to be an NIS client. But that would only help solve identity discovery. You'd still need a way to support authentication. You might be able to configure kerberos on the Mac to talk to a windows domain for identity authentication. But again, I'm not a Mac OS IdM expert by any means so I could not tell you how that's done.

Another solution is to use the Red Hat Directory Server v7.1 on HP-UX to act as a directory gateway for the Macs. RHDS 71 includes a feature called winsync. This will allow the directory server to discover and sync accounts stored in an ADS directory. And then, if you configure LDAP client support properly on your Mac, you can point it to RHDS on HP-UX. Note, that I'm not a 100% expert here either. But I believe one potential issue with this solution is full support of password policy, meaning it might not handle things like password expiration properly.

Good luck!
0 Kudos
Reply
Nicolas_17
Frequent Advisor

тАО08-30-2006 09:11 AM

тАО08-30-2006 09:11 AM

Re: LDAP-UX, Active Directory and Mac OS

Thanks Bob! Just when i had given up hope!

I will definetely give it a shot with my Mac guy and post results if any!

Nicolas.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.