[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: solaris 9 and openldap

Title: RE: solaris 9 and openldap

Would you be able to post what you have already. Solaris is fighting me tooth and nail.  Linux on the other hand is grrreeat!

The schem defs and the actual directory setup is going to be the meat of it.....correct?

Terry Inzauro

-----Original Message-----
From: Greg Matthews [mailto:gmatt@nerc.ac.uk]
Sent: Monday, July 07, 2003 11:33 AM
To: jehan procaccia
Cc: openldap-software@OpenLDAP.org
Subject: Re: solaris 9 and openldap

I've used native Solaris modules for a couple of reasons -
1. pragmatic, Sun are bound to change something in the next release and
sticking with native stuff is probably safer in this respect
2. problematic, I never managed to get PADL stuff to work properly on
Solaris altho I came close before I discovered that 1 was possible.
3. encryption, sol9 and sol8 (with patch 118993) can use tls encryption

I've finally got it working well with OpenLDAP running on a Sol9 server
and Sol8 Sol9 and Linux clients. TLS isnt mandatory but once you've got
simple auth working its good to encrypt everything.

I'm currently writing up my notes on this and will post to the list when
they are complete. Scan the archives for lots of good advice too.

schema - yes solaris uses some schema that have to be included in the
slapd.conf but its very simple:
include <schema.file>

good luck


On Mon, 2003-07-07 at 16:22, jehan procaccia wrote:
> hello,
> I am trying to authenticate a solaris 9 client station to an openldap
> server 2.1.22.
> I've seen lots of howto/threads on the net, but most are related to
> solaris 8, and I wonder/hope that things get simpler with solaris 9 !
> -1st, which way to go -> use solaris 9 native ldap command and tools
> (ldapclient manual, ldap_cachemgr ...), or use self compile and install
> tools from padl (nss and pam ldap) ?
> -2nd, I've read a lot about adding schema definition to openldap in
> order to accept solaris client authentification, is it still mandatory
> to do it ?
> http://www.ypass.net/solaris8/openldap/openldap-2.0.8-solaris8.patch.gz
> http://www.ypass.net/solaris8/openldap/nisschema.html
> -3rd, can I first start without TLS/SSL binds, I just want to start with
> a simple configuration, TLS/SSL are mandatory ?
> Thanks to let me know which way to go.
Greg Matthews
iTSS Wallingford        01491 692445