ldap authenticaton from windows 2003 ad from Omer.Uyar_at_intertech.com.tr on 2004-06-27 (tru64-unix-managers)

From: <Omer.Uyar_at_intertech.com.tr>
Date: Sun, 27 Jun 2004 14:37:55 +0300

Hello managers,

I have a Tru64 5.1b. I have been trying to authenticate my users from windows 2003 AD via LDAP. I have installed OSFLDPAUTH540 and LDPUTIL100 packages on UNIX,

I have installed the Windows 2000 SSO packages to Windows 2003 Domain Controller. It extend the schema like these;

It added two object classes named posixAccount and posixGroup and some attributes in this object classes

In posixAccount;
uid
uidNumber
gidNumber
msSFUPassword
msSFUHomeDirectory
gecos
loginshell

In posixGroup;
msSFUName
msSFUPassword
memberUID
gidNumber

Then i have configured my /etc/ldapcd.conf like this;

directory:                      tru64test.tru64.unix
searchbase:                 "cn=users,dc=tru64,dc=unix"
port:                             389
connections:                6
max_threads:                64
debug:                          1
pw_cachesize:              2000
pw_expirecache:           120
gr_cachesize:               100
gr_expirecache:            600
machine_dn:                 "cn=ldapsearch,cn=Users,dc=tru64,dc=unix"
machine_pass:             "xxxyyyzzz"
pw_oclass:                   posixAccount
pw_username:              uid
pw_password:               msSFUPassword
pw_uid:                         uidNumber
pw_gid:                         gidNumber
pw_gecos:                   gecos
pw_homedir:                 msSFUHomeDirectory
pw_shell:                      loginshell
gr_oclass:                    user
gr_name:                      msSFUName
gr_password:                msSFUPassword
gr_gid:                          gidNumber
gr_members:                MemberUID
disablegroup:                0

After all I have ran the ldap_check utility and got the following errors;

Loaded Configuration file /etc/ldapcd.conf
Connected to LDAP server on tru64test.tru64.unix
Search base "cn=users,dc=tru64,dc=unix" confirmed
Retrieved Object class information
Error: could not find attribute "cn" in object class posixAccount
Error: could not find attribute "uid" in object class posixAccount
Error: could not find attribute "msSFUPassword" in object class posixAccount
Error: could not find attribute "uidNumber" in object class posixAccount
Error: could not find attribute "gidNumber" in object class posixAccount
Error: could not find attribute "gecos" in object class posixAccount
Error: could not find attribute "msSFUHomeDirectory" in object class posixAccount
Error: could not find attribute "loginshell" in object class posixAccount
Password object class attributes check failed
Error: could not find attribute "msSFUName" in object class posixGroup
Error: could not find attribute "msSFUPassword" in object class posixGroup
Error: could not find attribute "gidNumber" in object class posixGroup
Error: could not find attribute "MemberUID" in object class posixGroup
Group object class attributes check failed
Errors detected during directory configuration check

I have checked the AD configuration and saw that the attributes exists in the object classes.

Any help would be appreciated.

Thank you very much
Received on Sun Jun 27 2004 - 11:39:58 NZST

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:44 NZDT