using openldap/nss_ldap/pam module on solaris 2.6

["Mark X Lucking" <lucking_mark@jpmorgan.com>]

Help,

We are trying to use openldap with solaris2.6 to manage users accounts...

We have successfully compiled openldap.
We have successfully compiled a new pam module for authentication using ldap.
We have successfully compiled a new nss_ldap.
We have configured /etc/pam.conf to use the new pam module
We have configured /etc/ldap.conf and /usr/local/etc/slapd.conf
We have configured /etc/nsswitch.conf

After starting the slapd daemon we have added the following three entries into
the ldap database with ldapadd no problem.

dn: dc=jpmorgan,dc=geneva,dc=ch
description: jpmorgan
objectclass: organization
objectclass: dcObject

dn: ou=People,dc=jpmorgan,dc=geneva,dc=ch
description: people
objectclass: person
objectclass: dcObject

dn: uid=ldap,ou=People,dc=jpmorgan,dc=geneva,dc=ch
uid: ldap
cn: LDAP user
objectclass: account
objectclass: posixAccount
objectclass: top
userpassword: {crypt}abcdef
loginshell: /bin/ksh
uidnumber: 1517
gidnumber: 10
homedirectory: /users/ldap
gecos: LDAP user

But we need to add ObjectClass shadowAccount and indeed the correct entries as
specified in RFC2307 yes?

How? forgive me but I do not know X.500 or openldap so well...

And indeed is there another step we have missed out?

Mark



This communication is for informational purposes only.  It is not intended as
an offer or solicitation for the purchase or sale of any financial instrument
or as an official confirmation of any transaction. All market prices, data
and other information are not warranted as to completeness or accuracy and
are subject to change without notice. Any comments or statements made herein
do not necessarily reflect those of J.P. Morgan Chase & Co., its
subsidiaries and affiliates.