|
IDS Forum
Re: ODBC connection failing
Posted By: debadatta Date: Monday, 1 December 2008, at 8:28 a.m.
In Response To: Re: ODBC connection failing (Martin Fuerderer)
Hi
i checked the bin directory not all of them have root as owner but below
binaries have root as owner
onedcu
snmpdm
onsnmp
onsrvapd
snmpdp
sgidsh
onmonitor
onmode
oninit
ontape
onsmsync
onshowaudit
onaudit
onbar_d
Is it ok?
basically oninit has that permission.
ets/shadow has 400 permission.
if this is ok what else should i ensure to make it work?
Thanks & Regards
Debadatta
On Mon, Dec 1, 2008 at 6:07 PM, Martin Fuerderer <MARTINFU@de.ibm.com>wrote:
> Hi,
>
> > does this mean client user id should hve permission to read /etc/shadow?
>
> > Could this be reason for failure.
>
> No. As I explained before, the IDS server's binary needs to have the
> correct file owner ship (user root group informix) and the correct
> file access rights (especially the s-bit). With the correct settings,
> IDS is able to get the necessary credentials from /etyc/shadow
> and can compare them (assuming that the encryption algorithm is
> plain UNIX style crypt() ).
>
> Regards,
> Martin
> --
> Martin Fuerderer
> IBM Informix Development Munich, Germany
> Information Management
>
> IBM Deutschland Research & Development GmbH
> Chairman of the Supervisory Board: Martin Jetter
> Board of Management: Erich Baier
> Corporate Seat: Boeblingen, Germany
> Reg.-Gericht: Amtsgericht Stuttgart, HRB 243294
>
> ids-bounces@iiug.org wrote on 01.12.2008 12:22:13:
>
> > Hi
> >
> > i found this in an IIUG thread .
> >
> > IDS natively supports only the generic UNIX password encryption
> > (using the system call "crypt()"), with the password either being
> > held in /etc/passwd, /etc/shadow or NIS/NIS+. All other methods
> > (encryption and/or place to keep encrypted password) are not
> > natively supported.
> >
> > does this mean client user id should hve permission to read /etc/shadow?
>
> > Could this be reason for failure.
> >
> > Regards
> > Debadatta Mishra
> >
> > On Mon, Dec 1, 2008 at 4:26 PM, debadatta <mishra.dd@gmail.com> wrote:
> >
> > > Hi
> > >
> > > I tried both rhosts and .netrc in the user home without success.
> > > the initial user i was trying did not have a home so i tried informix
> user
> > > and updated it .netrc then .rhosts file.
> > >
> > > but it did not work and same error message it is still showing.
> > >
> > > Which ODBC driver are you using for this type connection , i am using
> > > INTERSOLV3.11 32 bit and IDSv7.3.
> > >
> > > How to check PAM authenticaion?
> > >
> > > Thanks & regards
> > > Debadatta Mishra
> > >
> > > 2008/12/1 Habichtsberg, Reinhard <RHabichtsberg@arz-emmendingen.de>
> > >
> > > > Hi,
> > > >
> > > > we use shadowing without PAM. What about .rhost or hosts.equiv. You
> have
> > > to
> > > > put entries in /etc/hosts.equiv or in
> $HOME_of_the_odbc_user/.rhosts,
> > > e.g.
> > > >
> > > > /home/dbauth/.rhosts:
> > > > + dbauth # allows connect all clients as user dbauth
> > > >
> > > > HTH,
> > > > Reinhard.
> > > >
> > > > > -----Original Message-----
> > > > > From: ids-bounces@iiug.org [mailto:ids-bounces@iiug.org]On Behalf
> Of
> > > > > Andreas.KUTSCHE@spar.at
> > > > > Sent: Monday, December 01, 2008 10:13 AM
> > > > > To: ids@iiug.org
> > > > > Subject: AW: ODBC connection failing [14158]
> > > > >
> > > > >
> > > > > Hi,
> > > > >
> > > > > I think IDS doesn't work out of the box with password shadowing.
> > > > > You have to configure PAM authentication to use password
> shadowing.
> > > > > We did never try - maybe someone can give you better advice
> > > > > on that point.
> > > > >
> > > > > For a quick fix you can put the old password entry into the
> > > > > /etc/passwd
> > > > > on the new server.
> > > > >
> > > > > Regards,
> > > > > Andreas Kutsche
> > > > >
> > > > > >
> > > > > -------------------------------------------
> > > > > SPAR Österreichische Warenhandels-AG
> > > > > Hauptzentrale
> > > > > A - 5015 Salzburg, Europastrasse 3
> > > > > FN 34170 a
> > > > >
> > > > > Tel: +43 662 4470 24223
> > > > > Mobile: +43 664 6259575
> > > > > E-Mail: Andreas.KUTSCHE@spar.at
> > > > > Internet: http://www.spar.at
> > > > >
> > > > > Wichtiger Hinweis: Der Inhalt dieser E-Mail kann vertrauliche
> > > > > und rechtlich
> > > > > geschützte Informationen, insbesondere Betriebs- oder
> > > > > Geschäftsgeheimnisse,
> > > > > enthalten, zu deren Geheimhaltung der Empfänger verpflichtet ist.
> Die
> > > > > Informationen in dieser E-Mail sind ausschließlich für den
> Adressaten
> > > > > bestimmt. Sollten Sie die E-Mail irrtümlich erhalten haben so
> > > > > ersuchen wir
> > > > > Sie, die Nachricht von Ihrem System zu löschen und sich mit
> > > > > uns in Verbindung
> > > > > zu setzen.
> > > > > Über das Internet versandte E-Mails können leicht manipuliert
> > > > > oder unter
> > > > > fremdem Namen erstellt werden. Daher schließen wir die rechtliche
> > > > > Verbindlichkeit der in dieser Nachricht enthaltenen
> > > > > Informationen aus. Der
> > > > > Inhalt der E-Mail ist nur rechtsverbindlich, wenn er von uns
> > > > > schriftlich
> > > > > bestätigt und gezeichnet wird.
> > > > > Sollte trotz der von uns verwendeten Virus-Schutzprogramme
> > > > > durch die Zusendung
> > > > > von E-Mails ein Virus in Ihre Systeme gelangen, haften wir
> > > > > nicht für evtl.
> > > > > hieraus entstehende Schäden.
> > > > > Wir danken für Ihr Verständnis.
> > > > >
> > > > > Important notice: The contents of this e-mail may contain
> > > > > confidential and
> > > > > legally protected information that is in particular related
> > > > > to operational and
> > > > > trade secrets, which the recipient is obliged to treat as
> > > > > confidential. The
> > > > > information in this e-mail is made available exclusively for
> > > > > use by the
> > > > > addressee. In the event that the e-mail may have been sent to
> > > > > you in error, we
> > > > > would ask you to kindly delete this communication from your
> > > > > system and to
> > > > > contact us.
> > > > > E-mails sent via the Internet can be easily manipulated or
> > > > > sent out under
> > > > > someone else's name. We therefore do not accept legal
> > > > > liability for the
> > > > > information contained in this communication. The contents of
> > > > > the e-mail are
> > > > > only legally binding if they have been confirmed and signed
> > > > > by us in writing.
> > > > > If, in spite of our using Antivirus protection software, a
> > > > > virus may have
> > > > > penetrated your system through the sending of this e-mail, we
> > > > > do not accept
> > > > > liability for any damage that may possibly arise as a result of
> this.
> > > > > We trust that you appreciate our position.
> > > > >
> > > > > -------------------------------------------
> > > > > -----Ursprüngliche Nachricht-----
> > > > >
> > > > > > Von: ids-bounces@iiug.org [mailto:ids-bounces@iiug.org] Im
> > > > > Auftrag von
> > > > > > debadatta
> > > > > > Gesendet: Montag, 01. Dezember 2008 09:06
> > > > > > An: ids@iiug.org
> > > > > > Betreff: Re: ODBC connection failing [14153]
> > > > > >
> > > > > > Hi
> > > > > >
> > > > > > The new host is a copy of old one so all the IDs exist with
> > > > > the same
> > > > > > password.
> > > > > >
> > > > > > Only difference is shadowing is enabled in the new server.
> > > > > >
> > > > > > dbauth:124545445yuyuy:501:102:Database
> > > > > > Authentication:/home/dbauth:/bin/rksh
> > > > > > (Old)
> > > > > >
> > > > > > dbauth:x:501:105:Database
> > > > > Authentication:/home/dbauth:/bin/rksh (new)
> > > > > >
> > > > > > Can you suggest how to work through it. The user logins and ids
> are
> > > > > > working
> > > > > > fine when connected to server directly through telnet or ssh.
> > > > > >
> > > > > > Thanks & Regards
> > > > > > Debadatta
> > > > > >
> > > > > > 2008/12/1 Andreas.KUTSCHE@spar.at <andreas.kutsche@spar.at>
> > > > > >
> > > > > > > Hi,
> > > > > > >
> > > > > > > you migrated to a new/different host, too?
> > > > > > > Informix users must exist at the OS level (with the
> > > > > correct passwort).
> > > > > > >
> > > > > > > Regards,
> > > > > > > Andreas Kutsche
> > > > > > >
> > > > > > > >
> > > > > > > -------------------------------------------
> > > > > > > SPAR Österreichische Warenhandels-AG
> > > > > > > Hauptzentrale
> > > > > > > A - 5015 Salzburg, Europastrasse 3
> > > > > > > FN 34170 a
> > > > > > >
> > > > > > > Tel: +43 662 4470 24223
> > > > > > > Mobile: +43 664 6259575
> > > > > > > E-Mail: Andreas.KUTSCHE@spar.at
> > > > > > > Internet: http://www.spar.at
> > > > > > >
> > > > > > > Wichtiger Hinweis: Der Inhalt dieser E-Mail kann vertrauliche
> und
> > > > > > rechtlich
> > > > > > > geschützte Informationen, insbesondere Betriebs- oder
> > > > > > Geschäftsgeheimnisse,
> > > > > > > enthalten, zu deren Geheimhaltung der Empfänger
> > > > > verpflichtet ist. Die
> > > > > > > Informationen in dieser E-Mail sind ausschließlich für
> > > > > den Adressaten
> > > > > > > bestimmt. Sollten Sie die E-Mail irrtümlich erhalten
> > > > > haben so ersuchen
> > > > > > wir
> > > > > > > Sie, die Nachricht von Ihrem System zu löschen und sich
> > > > > mit uns in
> > > > > > > Verbindung
> > > > > > > zu setzen.
> > > > > > > Über das Internet versandte E-Mails können leicht
> > > > > manipuliert oder unter
> > > > > > > fremdem Namen erstellt werden. Daher schließen wir die
> rechtliche
> > > > > > > Verbindlichkeit der in dieser Nachricht enthaltenen
> > > > > Informationen aus.
> > > > > > Der
> > > > > > > Inhalt der E-Mail ist nur rechtsverbindlich, wenn er von
> > > > > uns schriftlich
> > > > > > > bestätigt und gezeichnet wird.
> > > > > > > Sollte trotz der von uns verwendeten
> > > > > Virus-Schutzprogramme durch die
> > > > > > > Zusendung
> > > > > > > von E-Mails ein Virus in Ihre Systeme gelangen, haften
> > > > > wir nicht für
> > > > > > evtl.
> > > > > > > hieraus entstehende Schäden.
> > > > > > > Wir danken für Ihr Verständnis.
> > > > > > >
> > > > > > > Important notice: The contents of this e-mail may contain
> > > > > confidential
> > > > > > and
> > > > > > > legally protected information that is in particular related to
>
> > > > > > operational
> > > > > > > and
> > > > > > > trade secrets, which the recipient is obliged to treat as
> > > > > confidential.
> > > > > > The
> > > > > > > information in this e-mail is made available exclusively
> > > > > for use by the
> > > > > > > addressee. In the event that the e-mail may have been
> > > > > sent to you in
> > > > > > error,
> > > > > > > we
> > > > > > > would ask you to kindly delete this communication from
> > > > > your system and
> > > > > > to
> > > > > > > contact us.
> > > > > > > E-mails sent via the Internet can be easily manipulated
> > > > > or sent out
> > > > > > under
> > > > > > > someone else's name. We therefore do not accept legal
> > > > > liability for the
> > > > > > > information contained in this communication. The contents
> > > > > of the e-mail
> > > > > > are
> > > > > > > only legally binding if they have been confirmed and
> > > > > signed by us in
> > > > > > > writing.
> > > > > > > If, in spite of our using Antivirus protection software,
> > > > > a virus may
> > > > > > have
> > > > > > > penetrated your system through the sending of this
> > > > > e-mail, we do not
> > > > > > accept
> > > > > > > liability for any damage that may possibly arise as a
> > > > > result of this.
> > > > > > > We trust that you appreciate our position.
> > > > > > >
> > > > > > > -------------------------------------------
> > > > > > > -----Ursprüngliche Nachricht-----
> > > > > > >
> > > > > > > > Von: ids-bounces@iiug.org [mailto:ids-bounces@iiug.org]
> > > > > Im Auftrag von
> > > > > > > > debadatta
> > > > > > > > Gesendet: Montag, 01. Dezember 2008 08:30
> > > > > > > > An: ids@iiug.org
> > > > > > > > Betreff: ODBC connection failing [14150]
> > > > > > > >
> > > > > > > > Hi All
> > > > > > > >
> > > > > > > > We just migrated to a new unix server from an old one with
> > > > > > Infiormixv7.3
> > > > > > > > installed.
> > > > > > > >
> > > > > > > > But while we were able to connect to the old database
> > > > > server we are
> > > > > > not
> > > > > > > > able
> > > > > > > > to do the same in the new.
> > > > > > > >
> > > > > > > > I am getting this message
> > > > > > > >
> > > > > > > > [INTERSOLV][ODBC Informix Driver][Informix] user's
> > > > > password is not
> > > > > > > correct
> > > > > > > > for the database server.
> > > > > > > >
> > > > > > > > I have tried three ids all having same problem.
> > > > > > > >
> > > > > > > > Please let me know what might be the cause of the
> > > > > problem, what should
> > > > > > i
> > > > > > > > check for this to work?
> > > > > > > >
> > > > > > > > Thanks & Regards
> > > > > > > > Debadatta Mishra
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > **************************************************************
> > > > > ************
> > > > > > > > *****
> > > > > > > > Forum Note: Use "Reply" to post a response in the
> > > > > discussion forum.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > **************************************************************
> > > > > ************
> > > > > > *****
> > > > > > > Forum Note: Use "Reply" to post a response in the
> > > > > discussion forum.
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > **************************************************************
> > > > > ************
> > > > > > *****
> > > > > > Forum Note: Use "Reply" to post a response in the discussion
> forum.
> > > > >
> > > > >
> > > > > **************************************************************
> > > > > *****************
> > > > > Forum Note: Use "Reply" to post a response in the discussion
> forum.
> > > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> >
>
>
> *******************************************************************************
> > > > Forum Note: Use "Reply" to post a response in the discussion forum.
> > > >
> > > >
> > >
> > >
> > >
> > >
> >
>
>
> *******************************************************************************
> > > Forum Note: Use "Reply" to post a response in the discussion forum.
> > >
> > >
> >
> >
> >
>
>
> *******************************************************************************
> > Forum Note: Use "Reply" to post a response in the discussion forum.
> >
>
>
>
> *******************************************************************************
> Forum Note: Use "Reply" to post a response in the discussion forum.
>
>
Messages In This Thread
IDS Forum is maintained by Administrator with WebBBS 5.12.
|
|