
Re: Solaris 10 Native Client connecting to OpenLdap How to needed



Hi, I manage an OpenLDAP environment consisting of Linux, Solaris and AIX.

Here is the Schema I use for Solaris 10.

Hope this helps.

# Sun nisMapEntry attributes
#
# This listing references attribute types it does not define (name, cn,
# uidNumber, description, mail); they must come from schemas loaded before
# this one -- presumably core.schema and nis.schema; confirm against slapd's
# include order.

# nisPublickey / nisSecretkey: IA5 String values (syntax ...121.1.26) compared
# case-insensitively. Both are mandatory members of the NisKeyObject class.
attributetype ( 1.3.6.1.1.1.1.28
        NAME 'nisPublickey'
        DESC 'nisPublickey'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

# NOTE(review): by its name this attribute presumably carries secret key
# material. The schema only types it as a string and applies no protection,
# so confirm the server's ACLs restrict who may read it.
attributetype ( 1.3.6.1.1.1.1.29
        NAME 'nisSecretkey'
        DESC 'nisSecretkey'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

# nisDomain takes its syntax and matching rules from the 'name' supertype.
# NOTE(review): this OID (1.3.6.1.4.1.1.1.1.12) is outside the 1.3.6.1.1.1.1.x
# arc used by the two attributes above -- verify it against the vendor schema
# before loading.
attributetype ( 1.3.6.1.4.1.1.1.1.12 SUP name
        NAME 'nisDomain' )

# Sun additional attributes to RFC2307 attributes (NIS)

# Member address list used by the mailGroup class; IA5 String, compared
# case-insensitively.
attributetype ( 2.16.840.1.113730.3.1.30
        NAME 'mgrpRFC822MailMember'
        DESC 'mgrpRFC822MailMember'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

# Left disabled by the author; the reason is not stated.
# NOTE(review): presumably another loaded schema (e.g. OpenLDAP's misc.schema)
# already defines rfc822MailMember and a second definition would clash --
# confirm before re-enabling.
#attributetype ( 1.3.6.1.4.1.42.2.27.2.1.15
#        NAME 'rfc822MailMember'
#        DESC 'rfc822MailMember'
#        EQUALITY caseIgnoreIA5Match
#        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

# The three nisNetId* attributes are IA5 Strings compared with
# caseExactIA5Match, i.e. case-sensitively, unlike the attributes above.
# They are the optional members of the nisNetId class.
attributetype ( 1.3.6.1.4.1.42.2.27.1.1.12
        NAME 'nisNetIdUser'
        DESC 'nisNetIdUser'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.42.2.27.1.1.13
        NAME 'nisNetIdGroup'
        DESC 'nisNetIdGroup'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.42.2.27.1.1.14
        NAME 'nisNetIdHost'
        DESC 'nisNetIdHost'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

# Sun NIS publickey objectclass
# Requires cn plus both key attributes; uidNumber and description are optional.
# No kind keyword is given, so the class is STRUCTURAL (the RFC 4512 default).
# NOTE(review): every entry of this class must hold a nisSecretkey value, so
# read access to these entries should be reviewed in the server ACLs.
objectclass ( 1.3.6.1.1.1.2.14
        NAME 'NisKeyObject'
        DESC 'NisKeyObject'
        SUP top
        MUST ( cn $ nisPublickey $ nisSecretkey )
        MAY ( uidNumber $ description ) )

# Sun NIS domain objectclass
# AUXILIARY: added to an existing entry to attach a mandatory nisDomain value.
# NOTE(review): this OID starts with 1.3.1.6, while every other OID in this
# listing in that position starts with 1.3.6.1 -- looks like transposed arcs;
# verify against the vendor schema before loading.
objectclass ( 1.3.1.6.1.1.1.2.15
        NAME 'nisDomainObject'
        DESC 'nisDomainObject'
        SUP top AUXILIARY
        MUST ( nisDomain ) )

# Sun NIS mailGroup objectclass
# Requires mail; cn and mgrpRFC822MailMember are optional.
objectclass ( 2.16.840.1.113730.3.2.4
        NAME 'mailGroup'
        DESC 'mailGroup'
        SUP top
        MUST ( mail )
        MAY ( cn $ mgrpRFC822MailMember ) )

# Sun NIS nisMailAlias objectclass
# Left disabled together with the rfc822MailMember attribute it refers to.
#objectclass ( 1.3.6.1.4.1.42.2.27.1.2.5
#        NAME 'nisMailAlias'
#        DESC 'nisMailAlias'
#        SUP top
#        MUST ( cn )
#        MAY ( rfc822mailMember ) )

# Sun NIS nisNetId objectclass
# Requires cn; the three nisNetId* attributes are optional.
objectclass ( 1.3.6.1.4.1.42.2.27.1.2.6
        NAME 'nisNetId'
        DESC 'nisNetId'
        SUP top
        MUST ( cn )
        MAY ( nisNetIdUser $ nisNetIdGroup $ nisNetIdHost ) )

# Below is optional unless you want to use ldap_gen_profile
#
# Attribute types for a client profile entry (class SolarisNamingProfile at
# the end of this section). Those declared "SUP name" inherit syntax and
# matching from 'name'; SolarisCacheTTL and SolarisSearchTimeLimit are
# integers (syntax ...121.1.27, integerMatch). The schema does not constrain
# the values, so their meaning must be taken from the Solaris client docs.
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.15 SUP name
        NAME 'SolarisLDAPServers'
        DESC 'SolarisLDAPServers'
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.42.2.27.5.1.16 SUP name
        NAME 'SolarisSearchBaseDN'
        DESC 'SolarisSearchBaseDN'
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.42.2.27.5.1.17
        NAME 'SolarisCacheTTL'
        DESC 'SolarisCacheTTL'
        EQUALITY integerMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.42.2.27.5.1.18 SUP name
        NAME 'SolarisBindDN'
        DESC 'SolarisBindDN'
        SINGLE-VALUE )

# NOTE(review): "SUP name" makes this an ordinary directory string, not a
# hashed password syntax. If a profile entry carries a bind password, anyone
# able to read that entry can read the value -- confirm ACLs limit read access
# and that the bind DN itself has minimal rights.
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.19 SUP name
        NAME 'SolarisBindPassword'
        DESC 'SolarisBindPassword'
        SINGLE-VALUE )

# NOTE(review): presumably these two select the client's bind method and
# transport protection; the schema accepts any string. An LDAP simple bind
# over a connection without TLS sends the password unencrypted, so review
# what the profile sets here.
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.20 SUP name
        NAME 'SolarisAuthMethod'
        DESC 'SolarisAuthMethod'
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.42.2.27.5.1.21 SUP name
        NAME 'SolarisTransportSecurity'
        DESC 'SolarisTransportSecurity'
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.42.2.27.5.1.24 SUP name
        NAME 'SolarisDataSearchDN'
        DESC 'SolarisDataSearchDN'
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.42.2.27.5.1.25 SUP name
        NAME 'SolarisSearchScope'
        DESC 'SolarisSearchScope'
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.42.2.27.5.1.26
        NAME 'SolarisSearchTimeLimit'
        DESC 'SolarisSearchTimeLimit'
        EQUALITY integerMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

# The only attribute in this section without SINGLE-VALUE, so it may hold
# several values.
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.27 SUP name
        NAME 'SolarisPreferedServer'
        DESC 'SolarisPreferedServer' )

attributetype ( 1.3.6.1.4.1.42.2.27.5.1.28 SUP name
        NAME 'SolarisPreferedServerOnly'
        DESC 'SolarisPreferedServerOnly'
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.42.2.27.5.1.29 SUP name
        NAME 'SolarisSearchReferral'
        DESC 'SolarisSearchReferral'
        SINGLE-VALUE )

# Structural class for a profile entry: cn and SolarisLDAPServers are
# required, the listed Solaris* attributes are optional.
# NOTE(review): SolarisPreferedServer and SolarisPreferedServerOnly are
# defined above but appear in neither MUST nor MAY, so an entry of this class
# alone cannot hold them -- confirm whether that omission is intended.
objectclass ( 1.3.6.1.4.1.42.2.27.5.2.7
        NAME 'SolarisNamingProfile'
        DESC 'Solaris LDAP NSS Profile'
        SUP top STRUCTURAL
        MUST ( cn $ SolarisLDAPServers )
        MAY ( SolarisBindDN $ SolarisBindPassword $
              SolarisSearchBaseDN $ SolarisAuthMethod $
              SolarisTransportSecurity $ SolarisSearchReferral $
              SolarisDataSearchDN $ SolarisSearchScope $
              SolarisSearchTimeLimit $ SolarisCacheTTL ) )

# End of solaris.schema
> I am working on getting a bunch of Solaris 10 hosts connected to OpenLDAP.
> I am far from an LDAP expert, but I must get this working.
>
> I have no issues getting Linux clients to connect, but Solaris 10 how-to
> docs are very elusive.
>
> I have searched everywhere the best I can find is a few online docs that
> say you need to load a custom schema.
>
> I just need user / passwd authentication to a directory nothing more. Will
> not be using TLS..
>


-----------------------
Adam Nye
Spoon Technologies
PO Box 15
O'Halloran Hill
-----------------------