IBM Support

LDAP Integration with Microsoft Active Directory

General Page

You can use Active Directory to provide centralized user, group, and password management for your AIX or Linux systems.  This solution can significantly reduce the complexity and effort involved in managing users, groups, and passwords as an AIX or Linux environment grows.

This service provides a “native” implementation of LDAP: it uses only the components that ship with each operating system.  Because it is a native solution, there are no third-party licensing costs involved.



When AIX or Linux systems are configured to use LDAP with Active Directory,  users can use their Windows network login password for both Windows and AIX or Linux system login.  Applications and system components on AIX and Linux can define user access by using group membership defined in Active Directory.



Microsoft Active Directory (MSAD) can be used to manage and store AIX/Linux passwords and user and group information without installing any additional software or schema extensions on Active Directory. Active Directory doesn’t provide default user or group object support for AIX and Linux.  However, in this service, we analyze the details of your Active Directory implementation and provide you with the process to enable your Windows user and group objects for use with AIX or Linux systems.

Technical Details
  • Windows object enablement – your Active Directory users and groups will be analyzed to provide you with a process for enabling your existing and future users and groups for use with AIX or Linux environments
  • Heterogeneous LDAP client support – our service can provide the process for integrating both AIX and Linux systems to use the same set of Active Directory user and group objects
  • Attribute mapping – our service uses LDAP attribute mapping to configure your AIX and Linux clients with the exact set of attributes needed to support both environments
  • Access Control – we detail how Active Directory groups or attributes can be used to control login access to your AIX/Linux clients
  • Secure configuration – the service uses SSL or TLS for implementing secure LDAP configuration.  We explain the use of ACLs to secure the access provided to client systems
  • Troubleshooting – we provide documentation and knowledge transfer to enable your AIX or Linux administrators to troubleshoot LDAP issues
  • AIX LDAP Client – the AIX secldapclntd daemon is used to implement the LDAP client on AIX.  Our service provides documentation and knowledge transfer to ensure your AIX administrators are fully versed in this solution
  • SSSD – this daemon is used on Linux systems to provide LDAP client enablement.  Our service provides documentation and knowledge transfer to ensure your Linux administrators are versed in this solution

Engagement Process
  • Consultant arranges prep call to discuss requirements, scheduling, and agenda
  • Consultant works with client to install and configure LDAP integration in client environment
  • Consultant provides advice on best practice implementation
  • Consultant works with client to verify the LDAP user and group management functions most important to the client
  • Consultant provides presentations to facilitate knowledge transfer

Deliverables
  1. Presentation Slides – an electronic copy of all presentation slides
  2. Configuration documents – an electronic copy of configuration documents

For questions, please contact AIX/Linux Security consultant, Stephen Dominguez, at email


Document Information

Modified date:
10 July 2024

UID

ibm16592381