
RE: using openldap/nss_ldap/pam module on solaris 2.6

Glad you posted this.  I am going through a similar situation, although I have
not progressed as far as you have.  At this point, I have found precious
little documentation on how to do this and am unclear on the role of the
nss_ldap module (i.e. why doesn't the ldap_pam module suffice?) Can you (or
anybody who has done this successfully) either:

1) Post the relevant pieces of your pam.conf, ldap.conf and nsswitch.conf
2) Point out some docs that got you as far as you did?

or even both...

Thanks in advance,


& -----Original Message-----
& From: owner-openldap-software@OpenLDAP.org
& [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Mark X Lucking
& Sent: Tuesday, April 10, 2001 6:53 AM
& To: openldap-software@OpenLDAP.org
& Subject: using openldap/nss_ldap/pam module on solaris 2.6
&
& Help,
&
& We are trying to use openldap with solaris2.6 to manage users accounts...
&
& We have successfully compiled openldap.
& We have successfully compiled a new pam module for authentication using ldap.
& We have successfully compiled a new nss_ldap.
& We have configured /etc/pam.conf to use the new pam module
& We have configured /etc/ldap.conf and /usr/local/etc/slapd.conf
& We have configured /etc/nsswitch.conf
&
& After starting the slapd daemon we have added the following three entries into
& the ldap database with ldapadd no problem.
&
& dn: dc=jpmorgan,dc=geneva,dc=ch
& description: jpmorgan
& objectclass: organization
& objectclass: dcObject
&
& dn: ou=People,dc=jpmorgan,dc=geneva,dc=ch
& description: people
& objectclass: person
& objectclass: dcObject
&
& dn: uid=ldap,ou=People,dc=jpmorgan,dc=geneva,dc=ch
& uid: ldap
& cn: LDAP user
& objectclass: account
& objectclass: posixAccount
& objectclass: top
& userpassword: {crypt}abcdef
& loginshell: /bin/ksh
& uidnumber: 1517
& gidnumber: 10
& homedirectory: /users/ldap
& gecos: LDAP user
&
& But we need to add ObjectClass shadowAccount and indeed the correct entries as
& specified in RFC2307 yes?
&
& How? forgive me but I do not know X.500 or openldap so well...
&
& And indeed is there another step we have missed out?
&
& Mark
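
The change asked about in the quoted message, as an added example that is not part of the original thread: an LDIF modify record, fed to ldapmodify, that adds the RFC 2307 shadowAccount auxiliary class and its password-aging attributes to the existing uid=ldap entry. It assumes slapd has the RFC 2307 (NIS) schema loaded and that the bind DN may write to the entry; every shadow value is constructed for illustration.

```ldif
# Added example, not from the original thread.
# shadowAccount is an AUXILIARY class in RFC 2307: it requires uid (already
# present on the entry) and allows the optional aging attributes below.
# Constructed values (assumptions, adjust to local policy):
#   shadowLastChange  days since 1970-01-01 of the last password change
#                     (11422 = 10 April 2001)
#   shadowMin         minimum days between password changes
#   shadowMax         days after which the password must be changed
#   shadowWarning     days of warning before the password expires
dn: uid=ldap,ou=People,dc=jpmorgan,dc=geneva,dc=ch
changetype: modify
add: objectClass
objectClass: shadowAccount
-
add: shadowLastChange
shadowLastChange: 11422
-
add: shadowMin
shadowMin: 0
-
add: shadowMax
shadowMax: 90
-
add: shadowWarning
shadowWarning: 7
```

Because all four changes sit in one modify record, the server applies them together or rejects them together, so a schema that lacks shadowAccount shows up as a single failed operation rather than a half-updated entry.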