Issues related to configuring your network
Post Reply
Posts: 1
Joined: 2019/11/25 17:21:45


Post by AQUALUNG » 2019/11/25 17:51:32

I'm new to LDAP in linux. I have setup an LDAP server per instructions with phpLDAP. I used ... n-centos-7. The server is up and running and we can log into it using the setup procedures. We set it up to have credentials for an IBM Cognos environment. My setup is done using cn=users, dc=domain, dc=com but the IBM system wants the LDAP binding to be in UID=users, dc=domain, dc=com. Do I have to tear apart my setup or is there a way to have the users and the binding user be recognized with a UID instead of a CN through some template.

Any advice would be grateful.

Thank you Carlos

Posts: 2999
Joined: 2014/09/20 11:22:14

Re: phpLDAP

Post by aks » 2019/11/25 19:18:48

Yes you can, or maybe not.
The attribute uidNumber (usually uid is an "internal" LDAP thing) is an attribute of the object (user). You need to "tell" the LDAP server that it's a naming attribute and is searchable.
Also if IBM demands UID= not uidNumber= then ask IBM (which probably depends on the actual LDAP server involved)!
This is just from posixAccount object, which is mapped directly from NIS - see RFC 2307 (from 1998!)
I guess if your LDAP server does NOT use UID internally, then you can change the LDAP server to allow searching and the return of the UID attribute.

A starting position: (and prepare yourself to learn a bucket load about LDAP).

Post Reply

Return to “CentOS 7 - Networking Support”