General Page
You can use IBM Security Directory Server (ISDS) to provide centralized user, group, and password management for your AIX or Linux systems. This solution can significantly reduce the complexity and effort involved in managing users, groups, and passwords as an AIX or Linux environment grows.
This service provides a “native” implementation of LDAP. This implementation uses the native operating system components of each operating system to provide the solution. Since it is a native solution, there are no 3rd party licensing costs involved. When an AIX or Linux system is configured to use LDAP with ISDS, users can use their ISDS password for both AIX or Linux system login. If the pass-through authentication feature of ISDS is configured, users can alternatively use the Windows network login password for AIX or Linux system login. Applications and system components on AIX and Linux can define user access by using group membership defined in ISDS.
This service provides a “native” implementation of LDAP. This implementation uses the native operating system components of each operating system to provide the solution. Since it is a native solution, there are no 3rd party licensing costs involved. When an AIX or Linux system is configured to use LDAP with ISDS, users can use their ISDS password for both AIX or Linux system login. If the pass-through authentication feature of ISDS is configured, users can alternatively use the Windows network login password for AIX or Linux system login. Applications and system components on AIX and Linux can define user access by using group membership defined in ISDS.
Technical Details
- RFC2307AIX compatibility – because ISDS provides RFC2307AIX support, full LDAP compatibility for AIX is provided. This full compatibility allows all AIX user and group management commands to be compatible for use with LDAP user and group accounts. The RFC2307AIX compatibility also provides management of AIX Encrypted File System and AIX Enhanced Role Based Access Control.
- Attribute mapping – our service uses LDAP attribute mapping to configure your AIX and Linux clients with the exact set of attributes needed to support both environments
- Access Control – we detail how ISDS groups or attributes can be used to control login access to your AIX/Linux clients.
- Troubleshooting – we provide documentation and AIX LDAP Client – the AIX secldapclntd daemon is used to implement the LDAP client on AIX. Our service provides documentation and knowledge transfer to ensure your AIX administrators are fully versed in this solution
- SSSD - this daemon is used on Linux systems to provide LDAP client enablement. Our service provides documentation and knowledge transfer to ensure your Linux administrators are versed in this solution.
- EWAS – install and configure the Embedded WebSphere Application Server package used for web-based LDAP GUI administration
- High Availability – this service provides the process for installing and configuring ISDS replicas
Engagement Process
- Consultant arranges prep call to discuss requirements, scheduling, and agenda
- Consultant works with client to install and configure LDAP integration in client environment
- Consultant provides advice on best practice implementation
- Consultant works with client to test the LDAP functions most important to the client
- Consultant provides presentations to facilitate knowledge transfer
Deliverables
- Presentation Slides – an electronic copy of all presentation slides displayed during the engagement
- Configuration documents – an electronic copy of any configuration documents used during the engagement
For questions, please contact AIX/Linux Security consultant, Stephen Dominguez, at email
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSVJJU","label":"IBM Security Directory Server"},"ARM Category":[{"code":"a8m0z0000001hptAAA","label":"Authentication"},{"code":"a8m0z0000001hpwAAA","label":"Pass Through Authentication"},{"code":"a8m0z0000001hq4AAA","label":"User and Group Management"}],"Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
10 July 2024
UID
ibm16592505