Skip to main content
Start a Conversation

This post is more than 5 years old

Solved!

Go to Solution

Lindsey2

1 Rookie

 • 

5 Posts

2071

March 26th, 2009 04:00

Authenticating with active directory

We have multiple global consoles installed and would like to authenticate against the active directory database. Is there a way to do that? We currently have each individual/password listed in the serverconnect.conf file on the global manager server.

CHIBenson

7 Posts

March 26th, 2009 08:00

Sure there is.. I do that now. in the serverConnect.conf file the user id would read something like: *:userid@AD Domain: :All This allows you to use active directory. Keep in mind that the userid then has to be set up the same way within the global console management for userids.

Tim Benson

Lindsey2

1 Rookie

 • 

5 Posts

March 27th, 2009 04:00

Thanks, Tim. That worked.

TCorcoran

53 Posts

March 31st, 2009 11:00

Lindsey,

Another way is to use a perl script such as /opt/InCharge7/SAM/smarts/examples/authority/sm_authority.pl
you can use the Net::LDAP to communicate directly to an LDAP server and you will no longer need to worry about setting up individual system users.

You utilize the script by adding the following to your sm_service entry:

--env=SM_AUTHORITY=IDENTIFIY=sm_authority,AUTHENTICATE=/opt/InCharge7/SAM/smarts/local/script/sm_authority_ldap.pl

The IDENTIFY=sm_authority means that the default SMARTS credential prompting will happen, and the AUTHENTICATE=... will pipe the credentials to the script.

If you have any questions about this implementation let me know.

- TC

yashr_525b35

1 Message

November 17th, 2009 14:00

TC,

Do we need to make any changes to the script to get this working? Is there any documentation available? We are using RHEL4 and netldap for perl is functional.

Thanks for info,

YR

Dinand1

89 Posts

November 19th, 2009 06:00

Hi all,

I would also like to have some extra information regarding the LDAP integration and SMARTS.

- Perl modules used

- If there is any script customization

- Location of the scripts when in production,there are at least 4 perl scripts

- Documentation

thanks in advance

Fernando

Ausgrid

1 Message

August 22nd, 2011 00:00

Hi TC,

More than 2years since your post...

I would like to find out more regarding your LDAP integration. I have previously used AD successfully, with no tweaks required. Currently we are running RHEL5, with LDAP integration (using Likewise) for the OS.

This however does not work when you specify on the serverConnect.conf password field.

I am NOT using the username@domain in the userfield, just username.

The /etc/passwd and /etc/shadow files no longer contains the usernames the now uses LDAP for authentication.

Is this syntax correct?.

--env=SM_AUTHORITY=IDENTIFY=sm_authority,AUTHENTICATE=/opt/InCharge7/SAM/smarts/local/script/sm_authority_ldap.pl

As --help indicates:

--env= =
                           A = pair which will be placed in
                           the process environment of the launched
                           service.  As many --env arguments as are
                           necessary may be specified.  The syntax
                           = (with no specified value) has the
                           effect of unsetting in the environment
                           of the launched program.  --env arguments are
                           applied left to right as they appear on the
                           command line, and this ordering is preserved
                           in the database.

And according to the documentation SM_AUTHORITY can only have one of two values or , where is the default when nothing is specified.

Did you copy the example sm_athority and changed it to use Net::LDAP.

Thanks in advance.

Was this post helpful?

View All

No Events found!

Top