Discussions
Categories
Groups
Community Home
Categories
INTERNAL ENABLEMENT
POPULAR
THRUST SERVICES & TOOLS
CLOUD EDITIONS
Quick Links
MY LINKS
HELPFUL TIPS
Back to website
Home
Web CMS (TeamSite)
LDAP authentication on Solaris
selvarajsri
Hi
I'm trying to configure LDAP authentication. the main objective for this exercise is to not to keep the users account on Solaris box and not to use or keep the password in Solaris. I wanted to keep the (.uid) on Solaris box itself.
I have followed the instructions, which is in ts.650a.admin.unix.pdf admin guide (Page # 66-77). I'm not able to login and the same time, I don't know where to look for the logs, particularly the log file name.
Current entry in iw.cfg
[authentication]
#use_login_daemon=true
#authenticate_by=pam
authenticate_by=ldap
#pam_service=sshd
#pam_service=teamsite
ldap_server=LDAP serverhost name
ldap_port=389
ldap_dnbase=ou=internal, o=xxxxx, c=US
I'm not sure why this is not working. I appreciate if you could help me out.
Thanks
With Regards
Selva
Find more posts tagged with
Comments
Icebreaker
Hi Sri,
I dont see you setting the attribute. There should be an attribute in LDAP that stores TeamSite roles.
Here is the example...
[authentication]
authenticate_by=ldap
ldap_server=153.88.193.92
ldap_port=389
ldap_dnbase=ou=users,ou=internal,o=ericsson
ldap_roles=tsProd
where tsProd is the attribute set in LDAP.
Also, you might have to do the settings in other ldap files (ldap_switch, ldap_conf, etc.,)
Hope this helps you.
Regards,
Jay
Bill Klish
There is no need to put that information in LDAP if you will be keeping the .uid files around as was mentioned in the post.
I suspect you do not have a user with anonymous bind access to your LDAP. Without that, TeamSite will not be able to retrieve any information.
On our solaris servers we use the
authenticate_by=pam
and then just use standard solaris configuration to attach to ldap. TeamSite just utilizes this directly.
Hope that helps,
-Bill
selvarajsri
Jay/Bill,
I'm planning to keep the roles (.uid) in TeamSite server itself. I'm planning as Bill said.
Please let me know in detail if any other files needs to be changed apart from iw.cfg. I have no idea on this. Please guide me to setup the same.
Thanks
-Selva
selvarajsri
Bill,
Can you explain me in detail or let me know the documentation part to know more about your approach? like authenticate_by=pam and using solaris ldap.
Thanks
-Selva
