Hello all,

Currently we have our Solaris servers authenticating against an LDAP
server.  But since I'm not an SA and didn't set that up, I'm not
exactly sure how it works.  I know the Solaris box sends the username
and password via LDAP to our server, and receives a yes/no.  But there
also is a second aspect, which is that in our LDAP server some users
have a special field marked that allows them access to Solaris
servers.

So we have 10,000 LDAP entries, but only 100 are enabled for Solaris
login.  Could someone give me the beginner's guide to how that works?
Does the Solaris server know what LDAP attribute to look up?  Or does
the LDAP server know that if you came from server XXX then you have to
be a member of some LDAP group?

I'm familiar with RADIUS, where the user has to be part of a group,
and the server is also a part of that group.  So when spresley tries
to log on to a server named box1, the RADIUS server checks to see what
group box1 is a part of, and if spresley is in that group.

How does that work with LDAP?  

And more importantly, how does that work with Active Directory?  Could
our Solaris servers authenticate against AD (using the LDAP protocol)?
I'm just not sure how we would set up users in AD to distinguish if
they could log in to a particular server or not.

Thanks!
Shane
_______________________________________________
Solaris-Users mailing list
http://www.filibeto.org/mailman/listinfo/solaris-users
