Winbind should cover all the necessary bases at the OS-level for verifying a user's identity so that an application can't tell if the user is local or not. We use AD for authentication with UV on linux and I've never run into any UV permissions issues as a result. You might want to double-check your /etc/nsswitch.conf file. This is how ours is set up:
passwd: files winbind shadow: files winbind group: files winbind Also, check that your AD users have write permissions on the database directory. Ours has group ownership of "domain users" with group write permission enabled: drwxrwxr-x 771 fabric.prod domain users 131072 Apr 5 08:39 /uvdata/FABRIC.PROD -John -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Mecki Foerthmann Sent: Thursday, April 05, 2012 9:08 AM To: U2 Users List Subject: [U2] Logging on to UD 7.2 on RH Linux using Active Directory andwinbind We are finally in the process of upgrading our old UD 5.2 system on Solaris to 7.2 running on a virtual RH Linux server. So far everything seems to work OK. We can log into the database as the root user fine. We can log into the database as a local linux user fine. But we don't want to create local users on the linux box as it is another set of user accounts / passwords to maintain. To get round this we are using winbind to allow users to login to the Linux server with their Windows Active Directory credentials. This works well however when we come to run the udt command in the data directory we get the following error "Illegal User ID" then the UID of the Winbind user. There is obviously some check that occurs when udt starts to see if the user is a valid linux user, udt must not be able to query the authentication mechanism and therefore will not allow the user to run udt. Is there a switch or another way to make this work? Thanks Mecki _______________________________________________ U2-Users mailing list [email protected] http://listserver.u2ug.org/mailman/listinfo/u2-users _______________________________________________ U2-Users mailing list [email protected] http://listserver.u2ug.org/mailman/listinfo/u2-users
