Re: IRIX OS/OpenLDAP integration

[Juan Carlos Gomez <gomez@cthulhu.engr.sgi.com>]

Jeff,

I have a patch for that problem do you want to test it?

If you test it successfully we may be able to ship it faster....




Juan

PS: please email me if you are interested.


Jeff Clowser wrote:

> I've been playing with the nsd stuff in IRIX, which is
> similar to the nss stuff from PADL for authing Unix
> logins against ldap but comes as a standard part of the
> IRIX OS now.  I'm trying to get that to work with
> openldap.
>
> One thing I ran into is the following:
> IRIX takes a bunch of attributes from an objectclass
> posixAccount record to build the equivalent of the lines
> found in /etc/passwd.  One of the attributes it grabs is
> userPassword.
>
> If I make userpassword the unix crypted password, it
> works for IRIX logins, but not for ldap auth (for other
> services).  If I put it in the proper format for ldap
> auth, it doesn't work for IRIX logins.  I.e.:
>
> userPassword: cryptedpass         <--works for IRIX login
> userPassword: {crypt}cryptedpass  <--works for ldap bind
>
> I tried using plaintext passwords also, but it doesn't
> like that.  I can change the attribute IRIX looks at,
> but I'd prefer not to have to use 2 attributes to hold
> different forms of the same password info - if nothing
> else, I have to create special password changing utils,
> and any common utils to change passwords (like ldappasswd)
> would break things by only changing one occurance...
>
> Anyone played with this on IRIX and got it to work the
> "right" way?
>
> --
>  Jeff Clowser
>  mailto:jclowser@aerotek.com       Hanover MD  21076 USA
>  Phone: (410)-579-4328             7312 Parkway Drive