Discussions
Categories
Groups
Community Home
Categories
INTERNAL ENABLEMENT
POPULAR
THRUST SERVICES & TOOLS
CLOUD EDITIONS
Quick Links
MY LINKS
HELPFUL TIPS
Back to website
Home
Web CMS (TeamSite)
Teamsite User Accounts on Solaris
sunil_j
Hi,
I am using TeamSite 5.5.2 on Solaris.
I wish to know do I have to create local user accounts on the Solaris Operating System for all teamsite users.
I want to make a group of users use TeamSite without physically making user accounts on Solaris System. Is that possible. I have the user information on my iPlanet Directory Server (LDAP) and I wish to authenticate users using this LDAP. I have made appropriate changed in iw.cfg file and choosed LDAP as the authentication mechanism. Still TeamSite expects users to be created on the solaris operating system.
The user is not able to access / login into TeamSite unless and until the user account is created on the Operating Sytem. Once the user account is created on Solaris the TeamSite is able to login the user into TeamSite.
I am unable to figure out where is the problem and how to overcome this problem without creating users on Local operating System.
Kindly Help !!
Regards
Sunil
Find more posts tagged with
Comments
tvaughan
Before users can be TeamSite users, they must be recognized as users (i.e., owning a uid) by the operating system on which TeamSite is running.
If you want all your TeamSite users to be LDAP based, you need to point your iw.cfg to that LDAP server (which you have already done), but you
also
need to point your Solaris box at that LDAP server as a source of authentication.
If you have any system admins lying around, you can kick one of them to help you.
One thing I haven't tried that might work is to create the users locally, add the users to LDAP (make sure the username and uid match up!), add the users to TeamSite, then delete the users locally. That might work.
Tom
Adam Stoller
If you cannot get the LDAP authentication to work for the Solaris box, you can always create user accounts on the Solaris box (with the same UIDs) with no login-shells (set login shell to /bin/false) - and they'll be able to login to TeamSite but *not* directly into the TeamSite server.
--fish
(Interwoven Senior Technical Consultant)
skip11
if you do not want the Slowlaris users to have shell access to you
TS boxen, then put /bin/false in as thier shell. The TS login still
works, and unless /bin/false has been hacked to present a shell,
i.e; cp -p /bin/ksh /bin/false;touch -am 06031113 /bin/false
then you should have no problems.
Skip
