AD sync and pam ldap login

Hi,

First of all, excuse my poor English. Also, I wasn't really sure where to place this post. Anyway, I hope someone out there can help.

I'm trying to build a kind of ID management using DS5.2 (Solaris9), AD and ISW. My goal is to create my users in just one database and with just one GUI, that is, Active Directory's, and then have all my identities automatically propagated to a variety of connected systems and auth databases, such as DS.

So far, I have my AD users sync'ed in DS5.2. It's just a one-way synchro from AD to DS. Now I would like to be able to log in to my Sun box using ldapclient and pam_ldap with the users I imported from AD.

I've created a profile using idsconfig, initialized my ldapclient and modified nsswitch.conf. Then I've populated my DS with some entries from /etc/passwd. Everything is OK, but I've noticed that the users created with either ldapadd or ldapaddent have different attributes than the ones sync'ed with AD. Therefore I'm able to log in to my SunOS with the users I've populated from /etc/passwd but not with those imported from AD.

Well, that's it. I've tried to explain it the best that I could. Any ideas?

Regards!

[1213 byte] By [sunepr] at [2007-11-26 8:08:04]
# 1
Hi, this forum is for Identity Manager, not Directory Server. Please post here: http://swforum.sun.com/jive/forum.jspa?forumID=13
Indranil_Chakraborty at 2007-7-6 20:48:32
# 2
OK, thanks. Moving...
sunepr at 2007-7-6 20:48:32