cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 20

Can ARM manage the extended schema in active directory for Unix?

Unix Attributes where you can setup:

  • NIS domain
  • UID
  • Login shell
  • Home directory
  • Primary group/GID

We have used AD for years with the extended schema to also do logins for Unix/Linux.  This requires the AD Identity Management for Unix.  For those that know this adds a tab in AD Users & Computers called the Unix tab.  There are many of us that have used this feature for years.  It works great but newer versions of MS Server OS haven't handled it well.  We use these UID's attached to users and also GID's in AD to tie to storage that's using nfs permissions.  This makes it so we have one authentication and identity source for the entire network AD.  You can log into any windows, Unix, or Linux host with the same credentials and all permissions for all storage matches permissions in AD.

Thanks,

Bill

0 Kudos
2 Replies
Level 10

Hi Bill,

if they are just normal custom attributes you can load and edit them in ARM. On a how to see https://documentation.solarwinds.com/en/Success_Center/ARM/Content/Load-additional-LDAP-attributes.h...

The only thing that would be problematic is if the attributes were encoded since we only pull the raw value.

Regards

Paul

0 Kudos

You can tell ARM how to handle the attributes.

By default ARM assumes it's just a plain string.

<TypeInfo>System.String</TypeInfo>

 

But you, for example, do boolean:

<TypeInfo>System.Boolean</TypeInfo>

(That's also mentioned on the Properties manual page.)

MultiValue is also possible:

<TypeInfo>System.String[]</TypeInfo>
<AttributeEditType>StringMultiValue</AttributeEditType>

The rest should be possible as well, but haven't tried. Blob is not supported.

0 Kudos