Home

Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: eDirectory LDAP

Hybrid View

  1. #1
    Percent01 NNTP User

    eDirectory LDAP


    Hi everybody!

    I am newbie, I install eDir 8.7.3 to s2003.
    Somebody can tell me how to make new LDAP users?
    I get new red "N" icon to the taskbar, but when I right click to this
    icon I don't see any 'interesting' setting.

    I would like to search where exactly store the LDAP users (I think in
    some kind of database somewhere...)


    Really thanks the reply!


    --
    Percent01
    ------------------------------------------------------------------------
    Percent01's Profile: https://forums.netiq.com/member.php?userid=6341
    View this thread: https://forums.netiq.com/showthread.php?t=49302


  2. #2
    Jim Henderson NNTP User

    Re: eDirectory LDAP

    On Sun, 24 Nov 2013 21:05:40 +0000, Percent01 wrote:

    > Hi everybody!
    >
    > I am newbie, I install eDir 8.7.3 to s2003.
    > Somebody can tell me how to make new LDAP users?
    > I get new red "N" icon to the taskbar, but when I right click to this
    > icon I don't see any 'interesting' setting.
    >
    > I would like to search where exactly store the LDAP users (I think in
    > some kind of database somewhere...)
    >
    >
    > Really thanks the reply!


    If the system is a domain controller, then you need to configure
    eDirectory's LDAP server to use other ports, because Windows Server
    requires the AD LDAP interfaces be on ports 389/636.

    Otherwise, if it's just a member server, the installation should
    configure it for LDAP access automatically.

    Jim
    --
    Jim Henderson, CNA6, CDE, CNI, LPIC-1, CLA10, CLP10
    Novell/SUSE/NetIQ Knowledge Partner

  3. #3
    David Gersic NNTP User

    Re: eDirectory LDAP

    On Sun, 24 Nov 2013 21:05:40 +0000, Percent01 wrote:

    > Hi everybody!
    >
    > I am newbie, I install eDir 8.7.3 to s2003. Somebody can tell me how to
    > make new LDAP users?


    You would use an application to do so. Natively, you could use iManager
    with eDirectory to create Users or other types of objects. Or you could
    use any LDAP enabled application that can create objects.


    > I get new red "N" icon to the taskbar, but when I
    > right click to this icon I don't see any 'interesting' setting.


    That would be the Windows client, which does not, by itself, offer any
    administrative functions.


    --
    --------------------------------------------------------------------------
    David Gersic dgersic_@_niu.edu
    Knowledge Partner http://forums.netiq.com

    Please post questions in the forums. No support provided via email.
    If you find this post helpful, please click on the star below.

  4. #4
    Percent01 NNTP User

    Re: eDirectory LDAP


    Fortunatelly, I make 2 new user (simple and nonsimple password)
    I think the password store in nds.01 or nds.db file, because I saw the
    usernames in this file.
    How can I read this database or how can I make a query, to see passwords
    hash?


    --
    Percent01
    ------------------------------------------------------------------------
    Percent01's Profile: https://forums.netiq.com/member.php?userid=6341
    View this thread: https://forums.netiq.com/showthread.php?t=49302


  5. #5
    Join Date
    Dec 2007
    Location
    Brooklyn, NY
    Posts
    6,213

    Re: eDirectory LDAP

    On 11/25/2013 10:34 AM, Percent01 wrote:
    >
    > Fortunatelly, I make 2 new user (simple and nonsimple password)
    > I think the password store in nds.01 or nds.db file, because I saw the
    > usernames in this file.
    > How can I read this database or how can I make a query, to see passwords
    > hash?


    You do not have direct database access to the eDir DIB files.

    You would query via LDAP to see the user in the eDirectory tree. Or via
    NCP (With Client32 and Console One, or via iManager (A web tool that
    comes with eDirectory).

    You will NOT easily get back the password hash. However, if you must see
    the password, and you define your password policy to allow it, it is
    retrievable. A Java app that performs this task is available at:
    http://ldapwiki.willeke.com/Wiki.jsp...nformationTool

    (This assumes you have a password policy that enables Universal
    Password. If not, then you will default to NDS passwords, which are
    Public Key/Private key pairs, and while you can get access to the Public
    Key, the Private key is meant to be heavily protected. (There are ways,
    but it would be pretty foolish to do so).





  6. #6
    Percent01 NNTP User

    Re: eDirectory LDAP


    geoffc;237383 Wrote:
    > On 11/25/2013 10:34 AM, Percent01 wrote:
    > >
    > > Fortunatelly, I make 2 new user (simple and nonsimple password)
    > > I think the password store in nds.01 or nds.db file, because I saw

    > the
    > > usernames in this file.
    > > How can I read this database or how can I make a query, to see

    > passwords
    > > hash?

    >
    > You do not have direct database access to the eDir DIB files.
    >
    > You would query via LDAP to see the user in the eDirectory tree. Or
    > via
    > NCP (With Client32 and Console One, or via iManager (A web tool that
    > comes with eDirectory).
    >
    > You will NOT easily get back the password hash. However, if you must
    > see
    > the password, and you define your password policy to allow it, it is
    > retrievable. A Java app that performs this task is available at:
    > http://tinyurl.com/3telax5
    >
    > (This assumes you have a password policy that enables Universal
    > Password. If not, then you will default to NDS passwords, which are
    > Public Key/Private key pairs, and while you can get access to the
    > Public
    > Key, the Private key is meant to be heavily protected. (There are ways,
    > but it would be pretty foolish to do so).


    I would like to introduce the password store security. This is the main
    reason.
    Easy question: how can I search my cn,dc, ou settings?


    --
    Percent01
    ------------------------------------------------------------------------
    Percent01's Profile: https://forums.netiq.com/member.php?userid=6341
    View this thread: https://forums.netiq.com/showthread.php?t=49302


  7. #7
    David Gersic NNTP User

    Re: eDirectory LDAP

    On Tue, 26 Nov 2013 09:34:02 +0000, Percent01 wrote:

    > I would like to introduce the password store security. This is the main
    > reason.


    What password store security?


    > Easy question: how can I search my cn,dc, ou settings?


    Search with what? LDAP? iManager? Something else?


    --
    --------------------------------------------------------------------------
    David Gersic dgersic_@_niu.edu
    Knowledge Partner http://forums.netiq.com

    Please post questions in the forums. No support provided via email.
    If you find this post helpful, please click on the star below.

  8. #8
    Percent01 NNTP User

    Re: eDirectory LDAP


    dgersic;237434 Wrote:
    > On Tue, 26 Nov 2013 09:34:02 +0000, Percent01 wrote:
    >
    > > I would like to introduce the password store security. This is the

    > main
    > > reason.

    >
    > What password store security?
    > I made many user with different password store policy (universal,
    > non-universal, NDS, etc.)
    >
    >
    > > Easy question: how can I search my cn,dc, ou settings?

    >
    > Search with what? LDAP? iManager? Something else?
    > I have iManager administrator account.
    > Also I would like to make query, but I don't know how to make the JDBC
    > connection and so on...



    --
    Percent01
    ------------------------------------------------------------------------
    Percent01's Profile: https://forums.netiq.com/member.php?userid=6341
    View this thread: https://forums.netiq.com/showthread.php?t=49302


  9. #9
    David Gersic NNTP User

    Re: eDirectory LDAP

    On Tue, 26 Nov 2013 17:16:15 +0000, Percent01 wrote:

    > dgersic;237434 Wrote:
    >> On Tue, 26 Nov 2013 09:34:02 +0000, Percent01 wrote:
    >>
    >> > I would like to introduce the password store security. This is the

    >> main
    >> > reason.

    >>
    >> What password store security?
    >> I made many user with different password store policy (universal,
    >> non-universal, NDS, etc.)


    eDirectory comes with documentation. I'm pretty sure that configuration
    of password policies is included.


    >> > Easy question: how can I search my cn,dc, ou settings?

    >>
    >> Search with what? LDAP? iManager? Something else? I have iManager
    >> administrator account. Also I would like to make query, but I don't
    >> know how to make the JDBC connection and so on...


    You don't. It's not a JDBC accessible database, it's a directory.


    --
    --------------------------------------------------------------------------
    David Gersic dgersic_@_niu.edu
    Knowledge Partner http://forums.netiq.com

    Please post questions in the forums. No support provided via email.
    If you find this post helpful, please click on the star below.

  10. #10
    Percent01 NNTP User

    Re: eDirectory LDAP


    EDIRECTORY COMES WITH DOCUMENTATION. I'M PRETTY SURE THAT CONFIGURATION
    OF PASSWORD POLICIES IS INCLUDED.
    It is OK. I make various user with different password policies.
    The question: how can I reverse the password?
    1. I think if I can make query in iManager, I get user passwords. But I
    have to connect something database (jdbc connection etc.) to make
    query.
    2. I get this tip: http://tinyurl.com/q58jnhz but I don't know "fully
    distinguished name of a user with rights"
    http://tinyurl.com/oprxhz5


    --
    Percent01
    ------------------------------------------------------------------------
    Percent01's Profile: https://forums.netiq.com/member.php?userid=6341
    View this thread: https://forums.netiq.com/showthread.php?t=49302


Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •