Need help setting up LDAP authentication
Posted: Mon Dec 10, 2012 6:37 pm
Hello,
I've installed IIS 8.5 Server edition on RHEL 6 (64-bit) and I can get Internal Registry and OS authentication to work. This is the first time I'm trying to get LDAP authentication to work. We use Microsoft Active Directory (AD).
Please validate/guide me on the following:
1) I assume RHEL must be set up to accept AD username & password. Is this right?
2) Is setting up PAM on RHEL a must or is it optional?
3) I have installed IIS 8.5 using local root. Local user dsadm (belonging to dstage group) exists. But dstage group doesn't exist on AD. I'm just concerned about the file permissions when many users are logged in using their AD credentials and start creating files by running DataStage jobs. How do I go about this?
(i) Do I create a new group on the AD, say AD_GROUP, and add DataStage users (AD users) to it and make AD_GROUP as their primary group?
(ii) If 'yes' to above then what would happen to files, if any, created by dsadm:dstage? FYI: This is a fresh install and no jobs have been imported/run yet.
Any other useful/good practices pointers deeply appreciated.
Thanks
Mav
I've installed IIS 8.5 Server edition on RHEL 6 (64-bit) and I can get Internal Registry and OS authentication to work. This is the first time I'm trying to get LDAP authentication to work. We use Microsoft Active Directory (AD).
Please validate/guide me on the following:
1) I assume RHEL must be set up to accept AD username & password. Is this right?
2) Is setting up PAM on RHEL a must or is it optional?
3) I have installed IIS 8.5 using local root. Local user dsadm (belonging to dstage group) exists. But dstage group doesn't exist on AD. I'm just concerned about the file permissions when many users are logged in using their AD credentials and start creating files by running DataStage jobs. How do I go about this?
(i) Do I create a new group on the AD, say AD_GROUP, and add DataStage users (AD users) to it and make AD_GROUP as their primary group?
(ii) If 'yes' to above then what would happen to files, if any, created by dsadm:dstage? FYI: This is a fresh install and no jobs have been imported/run yet.
Any other useful/good practices pointers deeply appreciated.
Thanks
Mav