[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Configuring Solaris 8 clients

On Wed, 26 Mar 2003, Quanah Gibson-Mount wrote:

> --On Wednesday, March 26, 2003 9:28 AM -0500 Igor Brezac <igor@ipass.net>
> wrote:
> > On Wed, 26 Mar 2003, Quanah Gibson-Mount wrote:
> >> Igor,
> >>
> >> On my Solaris 9 box, at least, running that command started up nscd and
> >> the ldap cache manager.  It has been running on my system for several
> >> weeks without problem.  It also created /etc/defaultdomain.
> >>
> >
> > I stand corrected.  ldapclient will do all of this for you.  You do need
> > to cleanup a bit after it runs.  ldapclient restarts some services which
> > are not necessarily running (automounter in my case) and it installs a
> > default nsswitch.ldap which may need editing.  On Solaris 8 you have to do
> > this by hand; however, ldap_cachemgr is not required to run in order for
> > the ldap client to operate.  I do recommend getting solaris schema from
> > the links I mentioned earlier.  Unfortunately, automatic setup does not
> > work for both Solaris (8|9).  You need to patch openldap, or Sun needs to
> > fix the ldapclient and specify what attributes it needs from rootDN.
> Igor,
> We are not using the Solaris Schema for 8 or 9, and it works just fine.  We
> have configured our openldap server to use posixAccount, and Solaris seems
> happy with that.  The only real issue I've seen is that it complains

It will work for posix(Account|Shadow), but if you want to use other
features such as automounter, RBAC, printer, etc you will need solaris'
additions to nis.schema and other schemas.

> occasionally about default_client not existing, but it hasn't hurt
> anything.  Note too that in my original post I noted that I had made some
> changes to nsswitch.ldap.

You probably get this on Solaris 8.  ldap_cachemgr is trying to update its
configuration from ldap. If you do not want this to happen, add
NS_LDAP_CACHETTL= 0 to /var/ldap/ldap_client_file

> I'm not clear why OpenLDAP needs patching...

This is only needed for automatic client setup.  (ldapclient init ... in
case of Solaris 9)