Re: Configuring Solaris 8 clients

On Tue, 25 Mar 2003, Matthew Mauzy wrote:

> I've been banging my head against the wall for the last couple of weeks
> trying to get Solaris 8 clients to play nice with my openLDAP v2.1.12
> server.  I have the openldap server up and running and am able to configure
> redhat 8 systems to use the directory's account info to login.  I am using
> krb5 for password info (if that has any bearing on the problem).  I'm
> trying to use 'ldapclient -v -P default <ip address>' but kept getting the
> error "Cannont find the rootDN".  I've tried editing the
> /var/ldap/ldap_client_file and ldap_client_cred files and am seeing traffic
> going to the ldap server but no luck.  In reading through Sun's LDAP Setup
> and Configuration Guide, Sun has you verify that the Directory Server
> supports simple page mode control with the command 'ldapsearch -b "" -s
> base objectclass=\*'.  My server doesn't return the same info that the

You need to specify attribute lists you want retrieved.  Try
ldapsearch -b "" -s base 'objectclass=*' +

Unfortunately, ldapclient does not do this and Sun is not going to fix
the problem.  Solaris 9 ldapclient is broken as well.  I wrote a patch
for openldap 2.0.x awhile back.  I can port the patch to the latest
version of openldap.  Or, you can manually configure the solaris 8 ldap
client.  It looks like you tried to do this, but it did not work.  What
are the contents of /var/ldap/ldap_client_file?

This is an OT post for this list; news:comp.unix.solaris is probably a more
appropriate place for such questions.  You can also email me if you have
any questions.

> guide example does, in fact it doesn't return much:
> #
> dn:
> objectClass: top
> objectClass: OpenLDAProotDSE
> When I check the NIS Domain object I get:
> # amath.unc.edu
> dn: dc=amath,dc=unc,dc=edu
> dc: amath
> objectClass: top
> objectClass: domain
> objectClass: dcObject
> objectClass: nisDomainObject
> nisDomain: amath.unc.edu
> I've seen some posts that have pointed out possible problems with the
> objectClass: dcObject.  Is this the source of the problem???
> Here's the output of my default profile that is in the Dir:
> # default, profile, amath.unc.edu
> dn: cn=default,ou=profile,dc=amath,dc=unc,dc=edu
> SolarisBindDN: cn=solaris,ou=ldapusers,dc=amath,dc=unc,dc=edu
> SolarisSearchBaseDN: dc=amath,dc=unc,dc=edu
> SolarisAuthMethod: NS_LDAP_AUTH_SIMPLE
> SolarisTransportSecurity: NS_LDAP_SEC_NONE
> SolarisSearchReferral: NS_LDAP_FOLLOWREF
> SolarisSearchScope: NS_LDAP_SCOPE_ONELEVEL
> SolarisSearchTimeLimit: 30
> SolarisCacheTTL: 3600
> cn: default
> objectClass: top
> objectClass: SolarisNamingProfile
> SolarisLDAPServers: kerberos-1.fully.qualified.domain.name
> SolarisBindPassword: {NS1}xxxxxxxxxxxx
> It's much too pretty a day to be stuck battling Sun and LDAP...
> Any and all insight GREATLY appreciated.
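
The following is an added example, not part of the original messages or of Sun's or OpenLDAP's code: it parses a saved root DSE dump from the `ldapsearch -b "" -s base` commands in the thread and reports whether operational attributes came back, including the simple paged results control that Sun's guide has you verify. The `WITH_PLUS` sample is constructed for a hypothetical server, the function names are illustrative, and treating `namingContexts` as the attribute a client reads to locate the suffix is an assumption.

```python
import base64

PAGED_RESULTS_OID = "1.2.840.113556.1.4.319"  # simple paged results control, RFC 2696

# Output quoted in the post: plain search of the root DSE, no attribute list.
WITHOUT_PLUS = """#
dn:
objectClass: top
objectClass: OpenLDAProotDSE
"""

# Constructed sample (hypothetical server, not the poster's): same search with '+'.
WITH_PLUS = """dn:
structuralObjectClass: OpenLDAProotDSE
namingContexts: dc=example,dc=com
supportedControl: 2.16.840.1.113730.3.4.2
supportedControl: 1.2.840.113556
 .1.4.319
supportedLDAPVersion: 3
"""

def parse_ldif_entry(text):
    """Return {lowercased attribute: [values]} for a single LDIF entry."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]          # LDIF folds long lines with a leading space
        else:
            lines.append(raw)
    entry = {}
    for line in lines:
        if not line or line.startswith("#") or ":" not in line:
            continue
        name, _, value = line.partition(":")
        if value.startswith(":"):          # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        entry.setdefault(name.strip().lower(), []).append(value.strip())
    return entry

def check_root_dse(text):
    """Report which of the attributes discussed in the thread a root DSE dump carries."""
    entry = parse_ldif_entry(text)
    return {
        "operational_attrs_returned": any(a not in ("dn", "objectclass") for a in entry),
        "naming_contexts": entry.get("namingcontexts", []),
        "paged_results": PAGED_RESULTS_OID in entry.get("supportedcontrol", []),
    }

if __name__ == "__main__":
    for label, dump in (("without +", WITHOUT_PLUS), ("with +", WITH_PLUS)):
        print(label, check_root_dse(dump))
```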
