idsync and ldap auth

Hi all,

I want to use ldap auth on solaris login with my Windows users.

I installed DS and idsync from jes5.

Then I prepared DS with idsconfig for pam authentication (I read 819-4635 documentation from it).

Now, I can sync userc from AD, and I can BIND at ldapsearc with this users. But I can't login to solaris, because I have only uid, but I haven't uidnumber, gidnumber and homedirectory. If I add posixAccount class to schema, I can configure it. Now, I want use only one default guidnumber, I can set it. But how can I set uniq home directory (like /home/<uid>), and a uniq uidnumber? If I want to map objectguid to uidnumber, I received an error message: "The attribute mapping 'objectguid' to 'dspswuserlink' is a system default and cannot be changed." Any other idea, how can I set a uniq uidnumber at sync?

Thanx,

Quad

[882 byte] By [Quad-93a] at [2007-11-27 8:09:13]

«« java.lang.NullPointerException throwed when doing Hibernate Persistence
»» JFrame and composants resize

# 1

We ran into the same issue. Luckily, we had a custom numeric field in AD for all users, which is their unique employee number. We mapped it to uidNumber in attributeMaps in ISW. We did it using DSEE 6.0 and ISW that comes with it.

snowdoga at 2007-7-12 19:52:11 >

top of Java-index,Web & Directory Servers,Directory Servers...

# 2

A trivial way could be to make idsync to set uidnumber always to a known value for new user, say 9999, and then add a DS plugin or a cron job which checks any DS entry with that value and increments it.

scripetoa at 2007-7-12 19:52:11 >

# 3

got no solution for the uidnumber-problem!but have you tried something like /home/%samaccountname% as a default in the configuration section? not 100% sure

o.bogosavljevica at 2007-7-12 19:52:11 >

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

idsync and ldap auth

Web & Directory Servers Hot Topic

Web & Directory Servers

All Classified