OpenText Analytics Database 26.2.x – Ident authentication /en/security-and-authentication/client-authentication/ident-authentication/ Recent content in Ident authentication on OpenText Analytics Database 26.2.x Hugo -- gohugo.io Security-and-Authentication: Installing and setting up an ident server /en/security-and-authentication/client-authentication/ident-authentication/installing-and-setting-up-an-ident-server/ Mon, 01 Jan 0001 00:00:00 +0000 /en/security-and-authentication/client-authentication/ident-authentication/installing-and-setting-up-an-ident-server/ <p>To use Ident authentication, you must install one or more packages, depending on your operating system, and enable the Ident server on your OpenText™ Analytics Database server. <code>oidentd</code> is an Ident daemon that is compatible with the database and compliant with <a href="https://www.ietf.org/rfc/rfc1413.txt">RFC 1413</a>. <div class="alert admonition note" role="alert"> <h4 class="admonition-head">Note</h4> You can find the source code and installation instructions for oidentd at the <a href="http://ojnk.sourceforge.net/">oidentd website</a>. </div></p> <p>To install and configure Ident authentication for use with your database, follow the appropriate steps for your operating system.</p> <h3 id="red-hat-7xcentos-7x">Red hat 7.x/CentOS 7.x</h3> <p>Install an Ident server on Red Hat 7.x or CentOS 7.x by installing the <code>authd</code> and <code>xinetd</code> packages:</p> <pre tabindex="0"><code>$ yum install authd $ yum install xinetd </code></pre><h3 id="ubuntudebian">Ubuntu/debian</h3> <p>Install <code>oidentd</code> on Ubuntu or Debian by running this command:</p> <pre tabindex="0"><code>$ sudo apt-get install oidentd </code></pre><h3 id="suse-linux-enterprise-server">SUSE Linux enterprise server</h3> <p>Install the <code>pidentd</code> and <code>xinetd</code> RPMs from the following locations:</p> <ul> <li> <p><a href="https://www.suse.com/LinuxPackages/packageRouter.jsp?product=server&amp;version=11&amp;service_pack=&amp;architecture=i386&amp;package_name=pidentd">https://www.suse.com/LinuxPackages/packageRouter.jsp?product=server&amp;version=11&amp;service_pack=&amp;architecture=i386&amp;package_name=pidentd</a></p> </li> <li> <p><a href="https://www.suse.com/LinuxPackages/packageRouter.jsp?product=server&amp;version=11&amp;service_pack=&amp;architecture=i386&amp;package_name=xinetd">https://www.suse.com/LinuxPackages/packageRouter.jsp?product=server&amp;version=11&amp;service_pack=&amp;architecture=i386&amp;package_name=xinetd</a></p> </li> </ul> <h2 id="post-installation-steps-for-ubuntudebian">Post-installation steps for ubuntu/debian</h2> <p>After you install <code>oidentd</code> on your Ubuntu/Debian system, continue with the following steps:</p> <ol> <li> <p>Verify that the Ident server accepts IPv6 connections to prevent authentication failure. To do so, you must enable this capability. In the script <code>/etc/init.d/oidentd</code>, change the line from:</p> <pre tabindex="0"><code>exec=&#34;/usr/sbin/oidentd&#34; </code></pre><p>to</p> <pre tabindex="0"><code>exec=&#34;/usr/sbin/oidentd -a ::&#34; </code></pre><p>Then, at the Linux prompt, start <code>oidentd</code> with <code>-a ::</code>.</p> </li> <li> <p>Restart the server with the following command:</p> <pre tabindex="0"><code>$ /etc/init.d/oidentd restart </code></pre></li> </ol> <h2 id="post-installation-steps-for-red-hat-7xcentos-7x-and-suse-linux-enterprise-server">Post-installation steps for red hat 7.x/CentOS 7.x and SUSE Linux enterprise server</h2> <p>After you install the required packages on your Red Hat 7.x/CentOS 7.x or SUSE Linux Enterprise Server system, continue with the following steps:</p> <ol> <li> <p>Enable the <code>auth</code> service by setting <code>disable = no</code> in the configuration file <code>/etc/xinetd.d/auth</code>. If this file does not exist, create it. The following is a sample configuration file:</p> <pre tabindex="0"><code>service auth { disable = no socket_type = stream wait = no user = ident cps = 4096 10 instances = UNLIMITED server = /usr/sbin/in.authd server_args = -t60 --xerror --os } </code></pre></li> <li> <p>Restart the <code>xinetd</code> service with the following command:</p> <pre tabindex="0"><code>$ service xinetd restart </code></pre></li> </ol> Security-and-Authentication: Configuring ident authentication for database users /en/security-and-authentication/client-authentication/ident-authentication/configuring-ident-authentication-db-users/ Mon, 01 Jan 0001 00:00:00 +0000 /en/security-and-authentication/client-authentication/ident-authentication/configuring-ident-authentication-db-users/ <p>To configure Ident authentication, take the following steps:</p> <ol> <li> <p>Create an authentication method that uses Ident.</p> <p>The Ident server must be installed on the same computer as your database, so specify the keyword LOCAL. OpenText™ Analytics Database requires that the Ident server and database always be on the same computer as the database.</p> <pre tabindex="0"><code>=&gt; CREATE AUTHENTICATION v_ident METHOD &#39;ident&#39; LOCAL; </code></pre></li> <li> <p>Set the Ident authentication parameters, specifying the system users who should be allowed to connect to your database.</p> <pre tabindex="0"><code>=&gt; ALTER AUTHENTICATION v_ident SET system_users=&#39;<span class="code-variable">user1</span>:<span class="code-variable">user2</span>:<span class="code-variable">user3</span>&#39;; </code></pre></li> <li> <p>Associate the authentication method with the database user. Use a GRANT statement that allows the system user <code>user1</code> to log in using Ident authentication:</p> <pre tabindex="0"><code>=&gt; GRANT AUTHENTICATION v_ident TO <span class="code-variable">user1</span>; </code></pre></li> </ol>