[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: solaris 9 and openldap

Greg Matthews wrote:

I've used native Solaris modules for a couple of reasons - 1. pragmatic, Sun are bound to change something in the next release and
sticking with native stuff is probably safer in this respect
2. problematic, I never managed to get PADL stuff to work properly on
Solaris altho I came close before I discovered that 1 was possible.
3. encryption, sol9 and sol8 (with patch 118993) can use tls encryption

Indeed I think it's wiser to stay with solaris native tools.

I've finally got it working well with OpenLDAP running on a Sol9 server
and Sol8 Sol9 and Linux clients. TLS isnt mandatory but once you've got
simple auth working its good to encrypt everything.

to simplifie, first I'd like to do it without TLS.

I'm currently writing up my notes on this and will post to the list when they are complete. Scan the archives for lots of good advice too.

OK, I'll be waiting for you notes....

schema - yes solaris uses some schema that have to be included in the slapd.conf but its very simple: include <schema.file>

which one ?
This ?


patching openldap server to ease rootDSE queries is also mandatory ?


good luck


On Mon, 2003-07-07 at 16:22, jehan procaccia wrote:


I am trying to authenticate a solaris 9 client station to an openldap server 2.1.22.
I've seen lots of howto/threads on the net, but most are related to solaris 8, and I wonder/hope that things get simpler with solaris 9 !

-1st, which way to go -> use solaris 9 native ldap command and tools (ldapclient manual, ldap_cachemgr ...), or use self compile and install tools from padl (nss and pam ldap) ?
-2nd, I've read a lot about adding schema definition to openldap in order to accept solaris client authentification, is it still mandatory to do it ?


-3rd, can I first start without TLS/SSL binds, I just want to start with a simple configuration, TLS/SSL are mandatory ?

Thanks to let me know which way to go.