[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP - Unix sync

To: Aneela Saleem <aneela@platalytics.com>
Subject: Re: LDAP - Unix sync
From: Mauricio Tavares <raubvogel@gmail.com>
Date: Wed, 12 Aug 2015 10:56:58 -0400
Cc: Aaron Richton <richton@nbcs.rutgers.edu>, openldap-technical <openldap-technical@openldap.org>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=eHFbDW3om/4qdcuna8KHpsf+cKxpAqDEZodtJdVVIAc=; b=Lh66ZnTbgjxGLQLzfpX2A6vumU5P7QMqdWhSZoZNEYRTVn79UFI0Q2kIAcfEg71lq4 ZVXbKCVr/yqs0QOa1zDjAE8zEoLFlfKlQgZpSAH394AJf5APoDwBcjaFtcPilLf/j792 Mc4DEQ6KmW2ODTLj/O+PBTor0JI3HxVQyn81p2iAcsHLFit+GweMPWu1VLqslQqZKYvk uwUgcikGzev2B7IEwbk/9DNy7Ke/E9aZbz8vbejomrtf1S8e3Sl0JK1JAXlHNuApL4SI 9DxHqcpkP/GG9W6r4Y+zEnDWzig6AMxSFGuyGgxH9pDBzrynTM9lmutPOkbpDecuZH7j uDWg==
In-reply-to: <CAC1K3K9wZYTpSmk_hMZd1GvOTZnTBq1GQTO07iMU49OzpTD2ig@mail.gmail.com>
References: <CAC1K3K_gJAMgW1U3Qs7cyRcw_DtOCNg5K_1D_GN0vKHuaQ76Zw@mail.gmail.com> <alpine.SOC.2.02.1508121014180.22017@toolbox.rutgers.edu> <CAC1K3K9wZYTpSmk_hMZd1GvOTZnTBq1GQTO07iMU49OzpTD2ig@mail.gmail.com>

On Wed, Aug 12, 2015 at 10:37 AM, Aneela Saleem <aneela@platalytics.com> wrote:
> Hi Aaron!
>
> Actually i'm trying to login LDAP users as local users from command line.
>
> I have followed this guide but unable to perform 'ssh'
>
      I think we need more than "unable to perform 'ssh'." Have you
done the usual stuff like ssh in verbose mode and check the logs? Have
you checked that ldap works in said machine?

> On Wed, Aug 12, 2015 at 7:23 PM, Aaron Richton <richton@nbcs.rutgers.edu>
> wrote:
>>
>> On Wed, 12 Aug 2015, Aneela Saleem wrote:
>>
>>> Hi all, Can anyone please tell me how can i pull users from LDAP server
>>> and treat them as local users? So that i can login as an ldap user and test
>>> whether particular user have permissions to particular HDFS commands or not.
>>
>>
>> I'm not sure what you're referring to by "pull." In a typical *ix setup,
>> you'd configure the system name services and/or authentication services to
>> include an LDAP backend.
>>
>> The precise details and options depend on the exact flavor of the system
>> you're using. nss_ldap, nss-pam-ldapd, and nssov are likely candidates on
>> the name service side; nss-pam-ldapd also provides a pam_ldap on the
>> authentication side. But again, this is somewhat system-dependent (no NSS on
>> OS X/Darwin, for example).
>>
>> For nssov, see the LDAPCon paper
>> http://ldapcon.org/2011/downloads/cheng-paper.pdf for starters.
>>
>

References:
- LDAP - Unix sync
  - From: Aneela Saleem <aneela@platalytics.com>
- Re: LDAP - Unix sync
  - From: Aaron Richton <richton@nbcs.rutgers.edu>
- Re: LDAP - Unix sync
  - From: Aneela Saleem <aneela@platalytics.com>

Prev by Date: Re: Adding Members to Groups
Next by Date: Re: LDAP - Unix sync
Index(es):
- Chronological
- Thread