I'm setting up an OpenLDAP system with two machines: one OpenLDAP server (Red Hat 6.4) and one OpenLDAP client (AIX 6.1).
Now I can create an LDAP user and log in to the AIX machine with that account.
However, I want to use hostsdeniedlogin and hostsallowedlogin, which are two attributes of the objectClass aixauxaccount, but my OpenLDAP server doesn't have any object like that.
I found an aix2307aix.schema on the internet, but I don't know how to use it.
rfc2307aix.schema
Besides that file, I also found a file named nisSchema.ldif, which has content in the following form:
dn:cn=schema
changetype: modify
replace: objectclasses
objectclasses: (
  1.3.18.0.2.6.472
  NAME 'aixAuxAccount'
  DESC 'Auxiliary AIX user information objectclass, for use with posixaccount an
 d shadowaccount objectclasses'
  SUP top
  AUXILIARY
  MAY ( passwordChar $ adminGroupNames $ aIXDefaultMACLevel $ aIXFuncMode $ aIXi
 sDCEExport $ aIXLowMACLevel $ aIXPromptMAC $ aIXScreens $ aIXUpperMACLevel $ aud
 itClasses $ authMethod1 $ authMethod2 $ coreSizeLimit $ coreSizeLimitHard $ cPuS
 ize $ cPuSizeHard $ dataSegSize $ dataSegSizeHard $ filePermMask $ fileSizeLimit
  $ fileSizeLimitHard $ groupList $ groupSwitchUserAllowed $ hostLastLogin $ host
 LastUnsuccessfulLogin $ hostsAllowedLogin $ hostsDeniedLogin $ isAdministrator $
  isAccountEnabled $ isDaemon $ isLoginAllowed $ isRemoteAccessAllowed $ isSwitch
 UserAllowed $ ixTimeLastLogin $ ixTimeLastUnsuccessfulLogin $ loginTimes $ maxFa
 iledLogins $ maxLogin $ openFileLimit $ openFileLimitHard $ passwordCheckMethods
  $ passwordDictFiles $ passwordExpireTime $ passwordHistSize $ passwordMaxRepeat
 edChars $ passwordMinAlphaChars $ passwordMinDiffChars $ passwordMinLength $ pas
 swordMinOtherChars $ physicalMemLimit $ physicalMemLimitHard $ roleList $ StackS
 izeLimit $ StackSizeLimitHard $ SystemEnvironment $ terminalAccess $ terminalLas
 tLogin $ terminalLastUnsuccessfulLogin $ timeExpiredLogout $ timeExpireLockout $
  trustedPathStatus $ unsuccessfulLoginCount $ userEnvironment $ passwordFlags )
  )
And I just found a way to add the rfc2307aix.schema file, described at the following link:
how-to-add-a-new-schema-to-openldap
That schema seems to have been added successfully, but I'm stuck with the nisSchema.ldif file found on AIX.
I attempted to use ldapadd, but it was not successful:
modifying entry "cn=schema,cn=config"
ldap_modify: Other (e.g., implementation specific) error (80)
Does anyone know how to deal with this? Please help!