AIX openldap oil and water ... not quite
Adding an AIX client to OpenLDAP
On CD 4 you will find the ldap.client filesets; install them in the usual way.
lslpp -L |grep -i ldap
ldap.client.adt 5.2.0.0 C F Directory Client SDK
ldap.client.rte 5.2.0.0 C F Directory Client Runtime (N
Now attempt a bind:
mksecldap -c -h ldap.sus.local -a "cn=Manager,dc=sus,dc=local" -p password -X "cn=proxyagent,ou=profile,dc=sus,dc=local" -X proxypassword -A ldap_auth -d "dc=sus,dc=local" -n 389
Cannot find the group base DN from the ldap server.
Basically, the OpenLDAP schema needs to be extended to allow AIX clients to bind.
There was a download from IBM for Netscape LDAP, but that was in the wrong format. After a long search I found a post from Pat Vaughan.
Add the rfc2307aix.schema from Pat Vaughan's site (mirror here) to your slapd.conf, restart, and add the following LDIF:
dn: cn=aixu,ou=groups,dc=sus,dc=local
objectClass: aixAuxGroup
objectClass: top
objectClass: posixGroup
cn: aixu
gidNumber: <someguid>
isAdministrator: false
memberUid: <someuser>
Or add the aixAuxGroup objectclass to an existing group.
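One way to apply the second option across a whole groups subtree, as an added example that is not from the original post: the script reads an LDIF export of the groups on stdin (for instance from ldapsearch or slapcat, which is an assumption here) and prints ldapmodify change records for posixGroup entries that still lack aixAuxGroup. The function names and sample entries are constructed, and isAdministrator: false mirrors the group entry above.

```shell
#!/bin/sh
# Added example (not from the original post). Prints ldapmodify change records
# for every posixGroup entry on stdin that lacks the aixAuxGroup objectclass.
aix_group_fixups() {
    awk '
    function handle(line,   low) {        # one unfolded LDIF line
        low = tolower(line)               # attribute names are case-insensitive
        if (low ~ /^dn:/) dn = line
        else if (low ~ /^objectclass: *posixgroup *$/) posix = 1
        else if (low ~ /^objectclass: *aixauxgroup *$/) aix = 1
    }
    function flush() {                    # end of entry: emit a change if needed
        if (dn != "" && posix && !aix) {
            printf "%s\nchangetype: modify\nadd: objectClass\n", dn
            printf "objectClass: aixAuxGroup\n-\n"
            printf "add: isAdministrator\nisAdministrator: false\n\n"  # as in the post
        }
        dn = ""; posix = 0; aix = 0
    }
    /^#/ { next }                              # LDIF comment line
    /^ / { cur = cur substr($0, 2); next }     # folded continuation line
    { if (cur != "") handle(cur); cur = $0 }   # previous logical line is complete
    /^$/ { flush() }                           # blank line ends the entry
    END { if (cur != "") handle(cur); flush() }
    '
}

# Constructed sample data using the dc=sus,dc=local suffix from the post.
sample_groups_ldif() {
    cat <<'EOF'
dn: ou=groups,dc=sus,dc=local
objectClass: organizationalUnit
ou: groups

dn: cn=aixu,ou=groups,dc=sus,dc=local
objectClass: posixGroup
objectClass: aixAuxGroup
cn: aixu
gidNumber: 5000

dn: cn=staff,ou=groups,dc=sus,
 dc=local
objectclass: posixGroup
cn: staff
gidNumber: 5001
EOF
}

sample_groups_ldif | aix_group_fixups
```

Review the printed change records before loading them into the directory with ldapmodify.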
Now the bind should work:
mksecldap -c -h ldap.sus.local -a "cn=Manager,dc=sus,dc=local" -p password -X "cn=proxyagent,ou=profile,dc=sus,dc=local" -X proxypassword -A ldap_auth -d "dc=sus,dc=local" -n 389
lsldap
dn: ou=profile,dc=sus,dc=local
dn: ou=People,dc=sus,dc=local
dn: ou=policies,dc=sus,dc=local
dn: nisMapName=auto_master,dc=sus,dc=local
dn: nisMapName=auto_home,dc=sus,dc=local
dn: nisMapName=auto_data,dc=sus,dc=local
dn: ou=groups,dc=sus,dc=local
lsldap passwd
dn: uid=sirbob,ou=People,dc=sus,dc=local
dn: uid=poshpaws,ou=People,dc=sus,dc=local
dn: uid=caroline,ou=People,dc=sus,dc=local
dn: uid=anya,ou=People,dc=sus,dc=local
dn: uid=tove,ou=People,dc=sus,dc=local
dn: uid=nathaniel,ou=People,dc=sus,dc=local
IBM-supplied non-IBM LDAP files
Schema and map files that allow a non-IBM LDAP server to serve AIX clients.