LDAP server to centralize authentication on AIX

Posted on 2010-08-16
Last Modified: 2013-11-17
Hi again,

I'm planning to install an LDAP server to centralize all accounts of several AIX servers.. I've worked before with openldap and fedora directory service but on a linux environment. I'l like to hear opinions on would be the best ldap server to use on an AIX enviroment. I'd like to setup a redundant setup.

Question by:sminfo
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
LVL 13

Expert Comment

by:George K.
ID: 33445104
Open source LDAP servers include:

Red Hat Directory Server/Fedora Directory Server. Red Hat Directory Server was initially bought from Netscape Security Solutions as a commercial product for Red Hat Enterprise Linux. Nowadays it is produced by Red Hat with name Red Hat Directory Server. Following its policy Red Hat produced version for Fedora Core also. It is called Fedora Directory Server that is perfect for distributives on the basis of RedHat. Codes of these servers coincide greatly because of the common root. Unlike OpenLDAP Fedora/Red Hat directory servers have good documentation.

OpenLDAP. OpenLDAP is the further development of the original slapd. It is widely distributed and used on many platforms like Linux, FreeBSD, Windows and MacOS X. Documentation containing on the website is quite obsolete, but there are many useful step-by-step instructions. OpenLDAP is time-tested. Its functionality is practically identical to RedHat directory server.

Commercial LDAP Servers 

Novell eDirectory. All products are free for higher educational establishments. It works with the help of the following operational systems: Novell Netware, Windows (NT), Linux (SUSE Enterprise, or RedHat), Solaris, AIX, HP-UX. You have everything in one product – all the necessary programs are given at once. Installation and customization are easy.
Advantages - exclusive documentation and affordable price, technical support for registered users and cross-platform function. Disadvantage – closed source files.

Microsoft Active Directory. It is a part of Windows Server family. It’s a perfect solution for MS networks. Advantages – perfect integration into the system, highly qualified documentation.

Sun Java System Directory Server. Sun merged with IPlanet Company and created its new product – Sun ONE, renamed afterwards to Sun Java System Directory Server. It is not a standalone product, but just a part of Java Enterprise System. System requirements: Solaris 10, Solaris 9, Solaris 8 (only for SPARC), Red Hat Enterprise Linux 2.1 and 3.1, HP-UX 11i, Microsoft Windows 2000, XP, 2003. You can not buy it apart from Java Enterprise System. But if you decide to use complex solution from Sun, you won’t have any problems. Sun engineers will help you to install and configure it according to your requirements.

IBM Tivoli Directory Server. LDAP-solution from IBM. It is supported by the following operational systems: AIX, Solaris, Microsoft Windows 2000, HP-UX, and also Linux for Intel and IBM eServer iSeries, pSeries and zSeries. Advantage – qualified, open and free for all documentation.

Here is the link too:
I would go with IBM solution having in mind the above, but also stability of the whole system.
LVL 68

Expert Comment

ID: 33445188
alas I don't work with LDAP in our AIX environment, but
1) As far as I know AIX machines can be clients of LDAP servers such as Fedora  or openldap without a problem.
2) There is of course an IBM/Tivoli solution, the "IBM Tivoli Directory Server" - 
It's not part of AIX, and thus payable, of course. ( and it's NOT really cheap, ~ EUR 10.000 per POWER5 core).

Author Comment

ID: 33445510
Hi georgekl,

I was taking a look at IBM Tivoli but it's too expensive I think knowing the situation in our enterprise. Have you test any open-source solution in an AIX production environment? We have MS Active Directory but not sure if windows admins are willy to make changes in the schema  to serve all AIX servers. So, I'd like to look for sometihing on unix/linux and if possible free :-). I've worked with fedora DS, but not sure if it's ready for AIX servers.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 33446004

wmp, any experience on using openldap or FDS?
LVL 13

Accepted Solution

George K. earned 250 total points
ID: 33448480
I have experienced FDS working great although, I have not personally not set it up, we had no problems since it was up and working.
LVL 68

Assisted Solution

woolmilkporc earned 250 total points
ID: 33448520
I think this Redbook "Integrating AIX into Heterogeneous LDAP Environments"
could help you a lot -

Expert Comment

ID: 33448564
I'd prefer to go with OpenLDAP on suse for both primary and secondary LDAP servers, and then configure Aix servers as LDAP clients.  If this environment is very big, you may considering configuring multiple secondary LDAP servers.

Author Comment

ID: 33462197
Hi georgekl,

Sorry the delay. You said you have used FDS, but I ask you if you used it on an AIX environment? Do you have AIX authenticating with a FDS server without problems?
LVL 13

Expert Comment

by:George K.
ID: 33462381

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question