Re: Solaris 9 LDAP client issues
On Wed, 21 Aug 2002, Scott Moorhouse wrote:
> Igor Brezac wrote:
> >>NS_LDAP_FILE_VERSION= 2.0
> >>NS_LDAP_SERVERS= my.ldap.server.ip
> >>NS_LDAP_SEARCH_BASEDN= dc=mydomain,dc=com
> >>NS_LDAP_SEARCH_SCOPE= sub
> >>NS_LDAP_CREDENTIAL_LEVEL= proxy
> >>NS_LDAP_SERVICE_SEARCH_DESC= automount:ou=AutomountMaps,dc=mydomain,dc=com
> >Here is your problem. Add
> >NS_LDAP_AUTH= simple
> >default is none. Restart nscd and ldap.client or reboot after you make
> >this change.
> This was exactly the problem.
> For those who like to use the ldapclient tool to configure, you need to add -a
> authenticationMethod=simple to your command line.
> Once you said this it all made sense and I was even able to find the
> passage in the documentation where it says that the client defaults to
> "none" authentication (even if you have so diligently given it a proxyDN
> and a proxyPassword to use for authentication).
> Now if there was just some good documentation on how to get it working
> with TLS... http://www.bolthole.com/solaris/LDAP.html is great but it
> only applies if you are going to use the padl.com nss library and pam
> module. Anybody gotten this working with Solaris 9's native tools?
I have not. I protect the transport layer (via vpn/ipsec) or I use
localhost to connect to an ldap server. You can also try the ssh port
forwarding feature (this is kinda a half-baked solution).
Have you seen:
Maybe this will help you.
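
Added example, not part of the original messages: a Python check for the misconfiguration diagnosed in this thread (NS_LDAP_CREDENTIAL_LEVEL set to proxy while NS_LDAP_AUTH is left at its default of none), which also flags a simple bind to a non-loopback server, where the password crosses the wire in cleartext unless the transport is protected. The finding names, the `;`/`,` separator handling and the loopback list are assumptions of this example.

```python
# Added example: lint a Solaris-style LDAP client profile (KEY= value lines).
LOOPBACK = {"localhost", "127.0.0.1", "::1"}  # assumption: hosts treated as local

# Constructed sample: the profile quoted in the thread, placeholders included.
SAMPLE = """\
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_SERVERS= my.ldap.server.ip
NS_LDAP_SEARCH_BASEDN= dc=mydomain,dc=com
NS_LDAP_SEARCH_SCOPE= sub
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_SERVICE_SEARCH_DESC= automount:ou=AutomountMaps,dc=mydomain,dc=com
"""


def parse_profile(text):
    """Return {KEY: last value}; blank lines and '#' comments are skipped."""
    profile = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        profile[key.strip()] = value.strip()
    return profile


def lint(text):
    """Return a list of finding codes (hypothetical names) for the profile."""
    p = parse_profile(text)
    findings = []
    levels = p.get("NS_LDAP_CREDENTIAL_LEVEL", "").lower().split()
    # Per the thread, a missing NS_LDAP_AUTH means "none".
    # Assumption: several methods may be listed, separated by ';' or ','.
    raw_auth = p.get("NS_LDAP_AUTH", "none").lower().replace(",", ";")
    methods = [m.strip() for m in raw_auth.split(";") if m.strip()] or ["none"]
    servers = p.get("NS_LDAP_SERVERS", "").replace(",", " ").split()
    # Drop an optional :port (IPv6 literals with ports are not handled here).
    hosts = {s.rsplit(":", 1)[0] if s.count(":") == 1 else s for s in servers}

    if "proxy" in levels and all(m == "none" for m in methods):
        findings.append("PROXY_CREDS_UNUSED")     # proxy DN/password never sent
    if "simple" in methods and not (hosts and hosts <= LOOPBACK):
        findings.append("SIMPLE_BIND_CLEARTEXT")  # needs IPsec/VPN/tunnel or TLS
    return findings


if __name__ == "__main__":
    print(lint(SAMPLE))                             # profile as first posted
    print(lint(SAMPLE + "NS_LDAP_AUTH= simple\n"))  # after the suggested fix
```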