[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP - Unix sync



Hi Aaron! 

Actually i'm trying to login LDAP users as local users from command line. 

I have followed this guide but unable to perform 'ssh'

On Wed, Aug 12, 2015 at 7:23 PM, Aaron Richton <richton@nbcs.rutgers.edu> wrote:
On Wed, 12 Aug 2015, Aneela Saleem wrote:

Hi all, Can anyone please tell me how can i pull users from LDAP server and treat them as local users? So that i can login as an ldap user and test whether particular user have permissions to particular HDFS commands or not.

I'm not sure what you're referring to by "pull." In a typical *ix setup, you'd configure the system name services and/or authentication services to include an LDAP backend.

The precise details and options depend on the exact flavor of the system you're using. nss_ldap, nss-pam-ldapd, and nssov are likely candidates on the name service side; nss-pam-ldapd also provides a pam_ldap on the authentication side. But again, this is somewhat system-dependent (no NSS on OS X/Darwin, for example).

For nssov, see the LDAPCon paper http://ldapcon.org/2011/downloads/cheng-paper.pdf for starters.