[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: mapping one search to another

To: "Smith, Steve" <Steve.Smith@CommerzbankIB.com>
Subject: RE: mapping one search to another
From: Greg Matthews <gmatt@nerc.ac.uk>
Date: 24 Jun 2003 16:07:03 +0100
Cc: "'openldap-software@openldap.org'" <openldap-software@OpenLDAP.org>
In-reply-to: <C431DC860286D611B5950002A5414A8E01650045@xmx11lonib.lonib.commerzbank.com>
Organization: iTSS
References: <C431DC860286D611B5950002A5414A8E01650045@xmx11lonib.lonib.commerzbank.com>

Hi Steve

So far I've only got the native stack to work with any success and only
unencrypted. Getting the padl modules to work is proving difficult (for
me anyway). Also according to Sun, Sol9 *requires* the use of profiles
which pretty much necessitates the use of the native pam because it
looks in /var/ldap/ldap_client_file rather than /path/to/your/ldap.conf

(I could be wrong about this - I'm not a Solaris expert, by a long shot)

If I'm using padl's pam module (pam_ldap.so.1) do I need to use the nss
module as well? what is the difference between this and the solaris
nss_ldap.so.1?

I would prefer to use the solaris stuff but encryption is my main aim at
the moment and I'm willing to try anything to get it working.

Doesnt anyone run encrypted solaris clients on openldap server?

GREG

On Tue, 2003-06-24 at 15:40, Smith, Steve wrote:
> Are you using the native ldap client or the openldap/padl stack?
> 
> > 
> > I'm using openldap 2.1.21 running on Solaris9. I've got it working and
> > behaving itself with a RedHat9 client (with tls) and also 
> > with solaris 8
> > (without encryption).
> > 
> > I now need to get it working with sol9 but sol9 searches for
> > (&(objectclass=automount)(automountkey=foobar)) as opposed to 
> > solaris 8
> > (&(nismapname=auto.users)(cn=foobar)) when searching for the 
> > users home
> > directories (where foobar is the user group corresponding to
> > /home/foobar/username home directory).
> > 
> > How can I map one onto the other? do I need a service search 
> > descriptor
> > or objectclass mapping or attribute mapping? Am I oversimplifying the
> > problem? 
> > 
> > apologies if this is a faq (i cant find it)...
> > 
> > TIA
> > 
> > GREG
> > -- 
> > Greg Matthews
> > iTSS Wallingford	01491 692445
> > 
> 
> 
> ********************************************************************** 
> This is a commercial communication from Commerzbank AG.
> 
> This communication is confidential and is intended only for the person to
> whom it is addressed.  If you are not that person you are not permitted to
> make use of the information and you are requested to notify
> <mailto:LONIB.Postmaster@commerzbankib.com> immediately that you have
> received it and then destroy the copy in your possession.
> 
> Commerzbank AG may monitor outgoing and incoming e-mails. By replying to
> this e-mail you consent to such monitoring. This e-mail message and any
> attached files have been scanned for the presence of computer viruses.
> However, you are advised that you open attachments at your own risk.
> 
> This email was sent either by Commerzbank AG, London Branch, or by
> Commerzbank Securities, a division of Commerzbank.  Commerzbank AG is a
> limited liability company incorporated in the Federal Republic of Germany.
> Registered Company Number in England BR001025. Our registered address in
> the UK is 23 Austin Friars, London, EC2P 2JD. We are regulated by the
> Financial Services Authority for the conduct of investment business in the
> UK and we appear on the FSA register under number 124920. 
> 
> **********************************************************************
-- 
Greg Matthews
iTSS Wallingford	01491 692445

References:
- RE: mapping one search to another
  - From: "Smith, Steve" <Steve.Smith@CommerzbankIB.com>

Prev by Date: RE: mapping one search to another
Next by Date: RE: mapping one search to another
Index(es):
- Chronological
- Thread