[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: AW: Is it possible self-authentication in Solaris 9?



Hello Matthias

> Yes its possible to use your sun as LDAP server and client.
> There are 2 possibilities yo can use pam_ldap/nss from padl.com or you
> use the ldap client which is installed by defaul.

Thanks A LOT for your fast response!
I´m very relieved to know this configuration is possible. I´m trying to
authenticate this server in itself with the native solaris ldapclient for
last 1 week, and nothing work! Then, yesterday, I was tried to compile the
pam_ldap from padl.com. I didn´t do it works yet. :-\

> 1. stop the ldap.client /etc/init.d/ldap.client stop
> 2. create 2 files under /var/ldap/ldap_client_file and
/var/ldap/ldap_client_cred
> example for /var/ldap/ldap_client_file
> NS_LDAP_SERVERS= 192.168.1.1
> NS_LDAP_SEARCH_BASEDN= dc=example,dc=net
> NS_LDAP_AUTH= NS_LDAP_AUTH_SIMPLE
> NS_LDAP_DOMAIN=example.net
> NS_LDAP_SEARCH_DN= passwd:(ou=People,dc=ViaWest,dc=Net)
> NS_LDAP_SEARCH_DN= shadow:(ou=People,dc=ViaWest,dc=Net)
> NS_LDAP_SEARCH_DN= group:(ou=group,dc=ViaWest,dc=Net)
> /var/ldap/ldap_client_cred
> NS_LDAP_BINDDN= cn=proxyagent,dc=example,dc=net
> NS_LDAP_BINDPASSWD= {NS1}xxxxxxxxxx
> 3. edit your nsswith.conf
> passwd: files ldap [TRYAGAIN=5]
> group: files ldap [TRYAGAIN=5]
> and finaly
> /etc/init.d/ldap.client start
> I found the examples in the net because i  could not see to my sun box.
If it wont work with these
> examples i would send you my files.
> greetings Matthias

The problem is that these files are created automatically when the client
is configured using the ldapclient command. Once time, I was tried to edit
manually these files, but my log file went wild. Do you have the original
command? For example:

ldapclient init -a profileName=profile-mci -a domainName=int-evry.fr -a
proxyDn=cn=proxyagent,ou=profile,dc=int-evry,dc=fr 157.159.55.199
credentialLevel requires proxyPassword

Thanks a lot again and best regards.

-----Ursprüngliche Nachricht-----
Von: luiz@pucrs.br [mailto:luiz@pucrs.br]
Gesendet: Dienstag, 26. August 2003 00:53
An: openldap-software@OpenLDAP.org
Betreff: Is it possible self-authentication in Solaris 9?


Dear Sir

I´m designing a network using OpenLDAP. In the beginning, I use one Debian
OpenLDAP server, but the most of services are running in one Solaris 9.
Then, I´m trying to disable the Debian LDAP server transfering this service
to the Solaris 9 box too (for the machine economy :-) ). But I couldn´t to
authenticate the server yet. For other workstations it´s working.
In the Solaris docs, there are one note saying that it´s not possible in
the Solaris LDAP server. But is it possible with OpenLDAP? Has anyone using
one Solaris to authenticate itself?
Thanks for any help.