Winbind should cover all the necessary bases at the OS-level for
verifying a user's identity so that an application can't tell if the
user is local or not.  We use AD for authentication with UV on linux and
I've never run into any UV permissions issues as a result.  You might
want to double-check your /etc/nsswitch.conf file.  This is how ours is
set up:

passwd:     files winbind
shadow:     files winbind
group:      files winbind

Also, check that your AD users have write permissions on the database
directory.  Ours has group ownership of "domain users" with group write
permission enabled:

drwxrwxr-x 771 fabric.prod domain users 131072 Apr  5 08:39
/uvdata/FABRIC.PROD

-John

-----Original Message-----
From: u2-users-boun...@listserver.u2ug.org
[mailto:u2-users-boun...@listserver.u2ug.org] On Behalf Of Mecki
Foerthmann
Sent: Thursday, April 05, 2012 9:08 AM
To: U2 Users List
Subject: [U2] Logging on to UD 7.2 on RH Linux using Active Directory
andwinbind

We are finally in the process of upgrading our old UD 5.2 system on
Solaris to 7.2 running on a virtual RH Linux server.
So far everything seems to work OK.
We can log into the database as the root user fine.
We can log into the database as a local linux user fine.
But we don't want to create local users on the linux box as it is
another set of user accounts / passwords to maintain.
To get round this we are using winbind to allow users to login to the
Linux server with their Windows Active Directory credentials.
This works well however when we come to run the udt command in the data
directory we get the following error "Illegal User ID" then the UID of
the Winbind user.
There is obviously some check that occurs when udt starts to see if the
user is a valid linux user, udt must not be able to query the
authentication mechanism and therefore will not allow the user to run
udt.
Is there a switch or another way to make this work?

Thanks

Mecki
_______________________________________________
U2-Users mailing list
U2-Users@listserver.u2ug.org
http://listserver.u2ug.org/mailman/listinfo/u2-users
_______________________________________________
U2-Users mailing list
U2-Users@listserver.u2ug.org
http://listserver.u2ug.org/mailman/listinfo/u2-users

Reply via email to