How to go about LDAP authentication setup?
search cancel

How to go about LDAP authentication setup?

book

Article ID: 29183

calendar_today

Updated On:

Products

CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent

Issue/Introduction

Authenticating users via ldap through PAM (Pluggable Authentication Modules).

 

Environment

Workload Automation AE-High Availability Option

Resolution

PAM is specified in agentparm.txt where the following entries have to be coded and the agent recycled: 

  • oscomponent.auth.pam.svc : 
    specifies the service, the default being login. This entry should exist in /etc/pam.conf or /etc/pam.d/ file.
  • oscomponent.auth.pam.lib :
    specifies the full path to the PAM library file.

After the changes agentparm.txt are done and the agent recycled one can manually test the authentication:

1. First get the encrypted password for your user using the password utility in the agent directory :
password <clear_userid_password> 

2. Then use the following to check if the user can be authenticated (assuming that oscomponent.auth.pam.svc=login; change the service name accordingly if not):
chkusr user_name <encrypted_password> login

Powered by Wolken Software