This feature, also known as user mapping, allows you to associate an Active Directory user account with a local Unix user. Allowing a local user to log into a Unix host using Active Directory credentials enables that user to take advantage of the benefits of Active Directory security and access control.
To enable a local user for Active Directory authentication
Note: To set up this local user account, see Add local user account.
Note: To set up this Active Directory user, see Add an Active Directory user account.
You have now "mapped" a local user to an Active Directory user, and the management console indicates in the AD User column that the local user account requires an Active Directory password to log on to the host.
You can also map multiple Unix users to use a single Active Directory account using the Require AD Logon pane on the All Local Users tab.
To assign (or "map") a Unix user to an Active Directory user
(Click the Directory button to search in a specific folder.)
Note: This task requires elevated credentials.
The Active Directory user assigned to the selected local Unix user(s) displays in the AD User column of the All Local Users tab.
Once you have "mapped" a local user to an Active Directory user, you can log into the local Unix host using your local user name and the Active Directory password of the Active Directory user to whom you are "mapped".
To test the mapped user login
and click Login to log onto the Unix host with your local user account.
You just learned how to manage local users and groups from Management Console for Unix by mapping a local user account to an Active Directory user account. You tested this by logging into the Unix host with your local user name and the password for the Active Directory user account to whom you are "mapped".
To Unix-enable an Active Directory group
Note: To set up this Active Directory user account, see Add an Active Directory group account.
To Unix-enable an Active Directory user
It populates the properties with default Unix attribute values.
Note: There are additional settings that you can set using PowerShell that allow you to validate entries for the GECOS, Home Directory, and Login Shell attributes. Refer to Use Authentication Services PowerShell to learn more.
Once the user is enabled for Unix, you can log on to the host with that Active Directory user's logon name and password.