AIX can be integrated in to Active Directory in two ways: via Samba’s winbind directly as a Windows machine, and indirectly via LDAP. The winbind configuration was already covered in a previous posting and worked rather well. However, because of GE’s requirements, it was not possible to utilize the winbind method for Active Directory integration.
By default, AIX 5.3 has a user name length limitation of 8 characters, regardless of the back end authentication mechanism. To confirm this, run: getconf LOGIN_NAME_MAX or lsattr -El sys0 -a max_logname To set the size limitation to a new (higher) value, run (where # is the new maximum user name length): chdev -l sys0
Integrating an AIX system in to Active Directory is not entirely straight forward. Integration in to an Active Directory domain for user authentication can be done utilizing the following steps (similar to that found in http://us1.samba.org/samba/ftp/Binary_Packages/AIX/README): Download and install the krb5.client.rte package for AIX. Download the pre-built AIX 5.2 (compatible with AIX 5.3) binaries from