[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldapRootDSE and solaris clients



On Tue, 2004-05-11 at 17:07, Igor Brezac wrote:
> This is a lost cause (fixing it via vendor route - Sun).  ;-( Apparently,
> iplanet returns namingContexts without explicitly requesting them.  This
> has been a problem since they introduced ldap client in Solaris 8.  It is
> still broken in Solaris 9, but at least you can do manual configuration.

agreed but I am still confused why it worked for me in the past - at 4
different sites with 3 individual builds of OpenLDAP. The problem only
crops up on the last installation when the server was built on Linux.

The good news is that there is a fix for this in Solaris 10 (apparently,
havent seen it yet) see bug #4877285.

GREG

ps for anyone who comes across this and wonders what the solution was:
ldapclient manual -a domainname=<foo> \
	-a proxydn=<foo> \
	-a defaultsearchbase=<foo> \
	-a authenticationmethod=<foo> \
	-a defaultserverlist="<foo> <bar>"
	-a attributemap="automount:automountmapname=ou" \
	-a attributemap="automount:automountkey=cn" \
	-a proxypassword="plain text password" \
	-a profilename=<foo>
where <foo> is whatever is relevant to you. This way it still picks up
the profile from the server. Some of the above attributes may not be
required YMMV.

-- 
Greg Matthews
iTSS Wallingford	01491 692445