<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">I went ahead and modified /etc/security/ldap/ldap.cfg directly <div><span class="Apple-tab-span" style="white-space:pre"> </span>*Note* Any passwords you use, MUST BE HASHED using mksecldap or some obscure command like that<br><div><br></div><div>There is /var/lib/security/method.cfg which defines LDAP, make sure your module is in there, you can create your own modules if you want to, i.e. AUTH against KRB and find your user base in LDAP… but unlike nsswitch it does not determine a priority it just says modules are here. </div><div><br></div><div>Lastly /etc/security/user, you need to change two args, SYSTEM (auth if you are familiar with pam) and registry (account) and point to the method in methods.cfg </div><div><br></div><div>If you are using SSL which you should, you need to create the cert db using some obscure gui command. </div><div><br></div><div>I essentially followed the IPA instructions and omitted the krb5 settings. </div><div><br></div><div><a href="http://www.freeipa.org/page/ConfiguringAixClients">http://www.freeipa.org/page/ConfiguringAixClients</a></div><div><br></div><div>Hope this helps.</div><div><br></div><div><br><div><br></div><div><div><br><div><div>On May 23, 2013, at 6:54 AM, Dan Lavu <<a href="mailto:dan@lavu.net">dan@lavu.net</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Are you still having issues with this? I just setup my first AIX client yesterday. <br><div><br></div><div><div><div>On Apr 16, 2013, at 2:35 AM, alexandre <<a href="mailto:axel0felix@gmail.com">axel0felix@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr"><div><div>Hi Paul,<br><br></div>do you know the AIX client configuration to use with 389DS ?<br><br></div>Thanks,<br>Alex <br></div><div class="gmail_extra"><br><br><div class="gmail_quote">2013/4/15 Paul Robert Marino <span dir="ltr"><<a href="mailto:prmarino1@gmail.com" target="_blank">prmarino1@gmail.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Its been a long time since I used an AIX box but I don't think AIX uses Pam, so it would be different, that said it should be possible but I'm not sure of the details on how to set it up. Worse come to worse look at some of the old sun one and Netscape docs they would cover AIX clients and should be at least mostly still accurate.<br>
<span style="font-family:Prelude,Verdana,san-serif"><br><br></span><span><div style="font-family:arial,sans-serif;font-size:12px;color:#999999">-- Sent from my HP Pre3</div><br></span><span style="color:navy;font-family:Prelude,Verdana,san-serif"><hr style="width:75%" align="left">
<div><div class="h5">On Apr 15, 2013 10:58 AM, alexandre <<a href="mailto:axel0felix@gmail.com" target="_blank">axel0felix@gmail.com</a>> wrote: <br><br></div></div></span><div class="HOEnZb"><div class="h5"><div dir="ltr">
<div><div><div>Hello,<br><br></div>just to know if somebody try to use an AIX client against 389DS ?<br><br></div>I know it's possible with Solaris. It is the same way to use AIX client (nsswitch.conf and pam configuration)?<br>
<br></div>Best regards,<br>Alex<br></div>
</div></div><br>--<br>
389 users mailing list<br>
<a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br></blockquote></div><br></div>
--<br>389 users mailing list<br>389-<a href="mailto:users@lists.fedoraproject.org">users@lists.fedoraproject.org</a><br><a href="https://admin.fedoraproject.org/mailman/listinfo/389-users">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></blockquote></div><br></div></div></blockquote></div><br></div></div></div></div></body></html>