LDAP (Microsoft AD) authentication on AIX

Hi All!

Is it possible to configure BOXIr2 to use LDAP (Microsoft AD) authentication on AIX? After reviewing the supported platforms for AIX I’ve found out that “Microsoft Active Directory…” is absent in LDAP Directory section but I need any practical confirmation.


AlexKey (BOB member since 2006-08-18)

The short answer is yes, you can use the native LDAP protocol to connect to the Microsoft Active Directory.

T.


Tom Wolniewicz (BOB member since 2007-03-19)

Thanks for reply.


AlexKey (BOB member since 2006-08-18)

I haven’t tried this, but it’s conceptually possible. I would point out that you MUST use SSL when authenticating to Active Directory LDAP. I can imagine missing this point could cost a lot of headache.

For a default Active Directory install, I would use these values in the LDAP Server Attribute Mappings:

- Object Class: objectclass
- Static Group: group
- Static Group Member: member
- Dynamic Group: [blank] (not AD supported)
- Dynamic Group Member: [blank]
- Group Description: description
- User Object Class: person
- User Name: sAMAccountName (not default)
- User Description: description

I use sAMAccountName because cn is set to the Full Name property by default in AD when an account is created. sAMAccountName is the username. You could also use userPrincipalName if you prefer, which would require users to log in using user@domain syntax.

For both search attributes, use cn.


natescott (BOB member since 2006-02-28)
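
As an added illustration (not part of the original post and not BusinessObjects code), the code below shows how the mappings listed above translate into LDAP search filters, with RFC 4515 escaping of the login name and a check that only ldaps:// URLs are accepted. The function names and the host `dc01.example.com` used with it are hypothetical; how BOXI builds its own searches is not stated in this thread.

```python
# Added example; function names are hypothetical, mappings come from the post above.
from urllib.parse import urlsplit

USER_OBJECT_CLASS = "person"
USER_NAME_ATTR = "sAMAccountName"
UPN_ATTR = "userPrincipalName"
GROUP_OBJECT_CLASS = "group"
GROUP_MEMBER_ATTR = "member"

# RFC 4515: these characters must be written as \XX inside a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a string for use as an assertion value in an LDAP filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def require_ldaps(url):
    """Return (host, port) for an ldaps:// URL and refuse anything else."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "ldaps":
        raise ValueError(f"refusing non-SSL LDAP URL: {url!r}")
    if not parts.hostname:
        raise ValueError(f"no host in LDAP URL: {url!r}")
    return parts.hostname, parts.port or 636  # 636 is the standard LDAPS port


def user_filter(login):
    """Filter for one account; user@domain logins match userPrincipalName."""
    if not login:
        raise ValueError("empty login")
    attr = UPN_ATTR if "@" in login else USER_NAME_ATTR
    value = escape_filter_value(login)
    return f"(&(objectClass={USER_OBJECT_CLASS})({attr}={value}))"


def group_filter(user_dn):
    """Filter for the static groups that list user_dn as a member."""
    value = escape_filter_value(user_dn)
    return f"(&(objectClass={GROUP_OBJECT_CLASS})({GROUP_MEMBER_ATTR}={value}))"
```

The resulting filter strings can be passed to any LDAP client to confirm, before touching the CMC, that the directory returns exactly one user entry and the expected groups.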

I assume it’s conceptually possible too, as I managed to complete this task several times on Windows OS. So why is AD omitted from the documentation…? I’ll get a chance to clear this up soon.


AlexKey (BOB member since 2006-08-18)

Hi All!

How can I set Active Directory under BO3 UNIX AIX, or is it possible?

Has anybody done something like this?

Thanks for reply.

Navahao


Navahao (BOB member since 2007-10-16)

Yes. You can set up AD with AIX.
I did this a long time back in BO 3.1 successfully (not sure which flavour of *Unix).

You need to configure AD as an LDAP configuration.
In the LDAP config in CMC > Authentication, you need to provide the details that are present in Windows AD.

Hope this helps you.

Regards,
Brijesh


brijesh (BOB member since 2009-04-21)