To let users defined in Active Directory log in to UNIX computers, register on the Active Directory server each UNIX computer on which you installed UNAB.
Note: You can configure the UNAB installation parameters file to specify that the installation process registers the UNIX endpoint on Active Directory during UNAB installation.
Follow these steps:
Note: You must activate UNAB before Active Directory users can log on to the UNIX computer.
If you do not specify the attribute names in the uxauth.ini file, users that are defined only in SFU cannot log in to UNAB hosts.
Note: For more information about the uxauth.ini file, see the Reference Guide.
/opt/CA/uxauth/bin
UNAB registers the UNIX computer in Active Directory and starts the uxauthd daemon.
Note: For more information about uxconsole -register, see the Reference Guide.
Example: Register a UNIX Host in Active Directory
This example shows you how to register a UNIX computer in Active Directory. You type in the user name (-a administrator) and password (-w admin), define the Active Directory host name (-d Active_Directory_Host), set the verbosity level (-v 3), specify that the UNAB agent does not run at the end of the installation (-n), and define the name of the container in Active Directory (-o OU=COMPUTERS). The container must exist before you register the UNIX computer in Active Directory:
./uxconsole -register -a administrator -w admin -d Active_Directory_Host -v 3 -n -o OU=COMPUTERS
Example: Delegating an Active Directory User the Privileges to Register a UNIX Host
If you do not want to specify an administrator user name and password when you run the uxconsole -register command, you can specify the user name and password of a user with delegated privileges for registering the UNIX host in Active Directory. The following example shows you how to delegate the privileges for registering a UNIX host in Active Directory to an Active Directory user.
The Active Directory Users and Computers management console opens.
The Delegation Control Wizard opens.
The wizard starts.
Information |
Action |
---|---|
Users and Groups |
Specifies the user to which you want to delegate control to. Select Add and search for the user you want to delegate control to. |
Tasks to Delegate |
Defines the tasks to delegate to the selected users or groups. Select "Create a custom task to delegate" |
Active Directory Object Type |
Defines the scope of the task to delegate. Do the following:
|
Permissions |
Defines the permissions to delegate to the user. Select "Creation/delegation of specific child objects ". |
The wizard closes.You have delegated permission to create computer objects in Active Directory to the user. The user now has sufficient privileges to register a UNIX host in Active Directory.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|