System Authentication for AIX and Linux using the IBM Directory Server

System and user authentication is a common task in every IT environment. Requirements such as security, scalability, availability and multi-platform support, together with the shortcomings of other solutions such as NIS, are making LDAP more and more popular for that task. Although LDAP can be used for much more, in this paper we’ll focus on how LDAP can be used for system authentication in an AIX (Version 5.2 and above) and Linux environment using the IBM Directory Server 4.1.

To better illustrate the required design and implementation steps, we’ll use a real-world scenario derived from a customer project. We’ll first describe the server and user scenario and the customer’s administration and security requirements in Chapter 2. Based on these requirements, we’ll explain the design decisions (e.g. schema, namespace) for the directory in Chapter 3. In Chapters 4 and 5 we document the implementation steps for the LDAP server on AIX and the client implementation steps for AIX and Linux, respectively.

We do not cover general LDAP basics here. Good material for understanding LDAP can be found in [1] and [2]. General product documentation for the IBM Directory Server can be found in [5] and [6], and an excellent LDAP lecture is available online in [9].

Availability and scalability considerations will be added to a future version of this paper, as will other topics (see Chapter 6). A highly available and scalable LDAP server infrastructure can be achieved with the replication features of the IBM Directory Server in combination with server load balancing using, for example, the IBM Network Dispatcher.
