Trying to test CMOD LDAP on AIX with AD Windows server.

Previous topic - Next topic
Print
Go Down Pages1
User actions

rketterer

August 29, 2016, 03:23:52 PM
Two questions.
    1. All of our CMOD user ID on AIX are legacy IDs from the Mainframe which don't match the AD IDs on the Windows Server.
        Has anyone done a mass change/or update  of CMOD IDs and passwords. 
    2. While testing the a connection to AD,  after changing the ars.cfg file and adding an initial LDAP login to the stash file,
        the connection process seems to be balking on the stash file. I there any limit,  to the password length,  for LDAP or AD kept in the stash file ?       Thanks Rob   

Justin Derrick

#1
August 29, 2016, 07:47:24 PM
Best bet is to check the permissions on the stash file to ensure that the UserID that is running the arssockd process has the UNIX file permissions to read the stash file.

-JD.
Call:  +1-866-533-7742  or  eMail:  jd@justinderrick.com
IBM CMOD Wiki:  https://CMOD.wiki/
FREE IBM CMOD Webinars:  https://CMOD.Training/
IBM CMOD Professional Services: https://CMOD.cloud

Interests: #AIX #Linux #Multiplatforms #DB2 #TSM #SP #Performance #Security #Audits #Customizing #Availability #HA #DR

rketterer

#2
August 29, 2016, 09:14:16 PM
Thanks Derick, but I think the permissions are OK, it's only when I added the LADP/AD ID and password that it started having an issue.  It can read the stash file, but I don't think it likes the LDAP pw or the ID . 

Alessandro Perucchi

#3
September 08, 2016, 01:45:07 PM
Quote from: rketterer on August 29, 2016, 09:14:16 PM
Thanks Derick, but I think the permissions are OK, it's only when I added the LADP/AD ID and password that it started having an issue.  It can read the stash file, but I don't think it likes the LDAP pw or the ID . 

Did you check that the user is correct? with all the CN=...OU=...DC=... etc??? I had sometimes problems because part of it was missing.
and did you add the LDAP user with the arsstash command with option -a 7 ??? otherwise it will never work.
And also you need to add the stash in the ars.ini with the option SRVR_OD_STASH and restart CMOD.

Probably you did all of that! But who knows :-)
Alessandro Perucchi

#Install #Migrations #Conversion #Educate #Repair #Upgrade #Migrate #Enhance #Optimize #AIX #Linux #Multiplatforms #DB2 #Windows #Oracle #TSM #Tivoli #Performance #Audits #Customizing #Availability #HA #DR #JavaApi #ContentNavigator #ICN #WEBi #ODWEK #Services #PDF #AFP #XML

Alessandro Perucchi

#4
September 08, 2016, 01:50:05 PM
Quote from: rketterer on August 29, 2016, 03:23:52 PM
Two questions.
    1. All of our CMOD user ID on AIX are legacy IDs from the Mainframe which don't match the AD IDs on the Windows Server.
        Has anyone done a mass change/or update  of CMOD IDs and passwords. 

Concerning your first question... you have 2 choices:

1) change the userid with ARSXML
    <user name="oldName" newName="newName" />

2) You add in AD for each user a field for the OD user.  Let say with the attribute cmodUser, and in CMOD ars.cfg file, you need to use the entry ARS_LDAP_MAPPED_ATTRIBUTE, something like: ARS_LDAP_MAPPED_ATTRIBUTE=cmodUser

So either you change CMOD or your change AD (with a small adaptation on CMOD). You can choose :-D

Alessandro Perucchi

#Install #Migrations #Conversion #Educate #Repair #Upgrade #Migrate #Enhance #Optimize #AIX #Linux #Multiplatforms #DB2 #Windows #Oracle #TSM #Tivoli #Performance #Audits #Customizing #Availability #HA #DR #JavaApi #ContentNavigator #ICN #WEBi #ODWEK #Services #PDF #AFP #XML
Print
Go Up Pages1
User actions
SMF 2.1.4 © 2023, Simple Machines
ProCurve Theme Made By : TwitchisMental