[Date Prev][Date Next] [Chronological] [Thread] [Top]

AW: AW: Is it possible self-authentication in Solaris 9?



I didn't used the ldapclient command. I changed the files manually. But its necessary to stop the chachemgr before (see step 1). Otherwise your changes will have no effects. If you aren't using any authentication you just had to create a empty ldap_client_cred file. And if you are starting the ldap.client script and a error occurred. Have a look at your messages files. There you will find more information especially for syntax errors :-)

greetings Matthias


> Yes its possible to use your sun as LDAP server and client.
> There are 2 possibilities yo can use pam_ldap/nss from padl.com or you
> use the ldap client which is installed by defaul.

Thanks A LOT for your fast response!
I´m very relieved to know this configuration is possible. I´m trying to
authenticate this server in itself with the native solaris ldapclient for
last 1 week, and nothing work! Then, yesterday, I was tried to compile the
pam_ldap from padl.com. I didn´t do it works yet. :-\

> 1. stop the ldap.client /etc/init.d/ldap.client stop
> 2. create 2 files under /var/ldap/ldap_client_file and
/var/ldap/ldap_client_cred
> example for /var/ldap/ldap_client_file
> NS_LDAP_SERVERS= 192.168.1.1
> NS_LDAP_SEARCH_BASEDN= dc=example,dc=net
> NS_LDAP_AUTH= NS_LDAP_AUTH_SIMPLE
> NS_LDAP_DOMAIN=example.net
> NS_LDAP_SEARCH_DN= passwd:(ou=People,dc=ViaWest,dc=Net)
> NS_LDAP_SEARCH_DN= shadow:(ou=People,dc=ViaWest,dc=Net)
> NS_LDAP_SEARCH_DN= group:(ou=group,dc=ViaWest,dc=Net)
> /var/ldap/ldap_client_cred
> NS_LDAP_BINDDN= cn=proxyagent,dc=example,dc=net
> NS_LDAP_BINDPASSWD= {NS1}xxxxxxxxxx
> 3. edit your nsswith.conf
> passwd: files ldap [TRYAGAIN=5]
> group: files ldap [TRYAGAIN=5]
> and finaly
> /etc/init.d/ldap.client start
> I found the examples in the net because i  could not see to my sun box.
If it wont work with these
> examples i would send you my files.
> greetings Matthias

The problem is that these files are created automatically when the client
is configured using the ldapclient command. Once time, I was tried to edit
manually these files, but my log file went wild. Do you have the original
command? For example:

ldapclient init -a profileName=profile-mci -a domainName=int-evry.fr -a
proxyDn=cn=proxyagent,ou=profile,dc=int-evry,dc=fr 157.159.55.199
credentialLevel requires proxyPassword

Thanks a lot again and best regards.

-----Ursprüngliche Nachricht-----
Von: luiz@pucrs.br [mailto:luiz@pucrs.br]
Gesendet: Dienstag, 26. August 2003 00:53
An: openldap-software@OpenLDAP.org
Betreff: Is it possible self-authentication in Solaris 9?


Dear Sir

I´m designing a network using OpenLDAP. In the beginning, I use one Debian
OpenLDAP server, but the most of services are running in one Solaris 9.
Then, I´m trying to disable the Debian LDAP server transfering this service
to the Solaris 9 box too (for the machine economy :-) ). But I couldn´t to
authenticate the server yet. For other workstations it´s working.
In the Solaris docs, there are one note saying that it´s not possible in
the Solaris LDAP server. But is it possible with OpenLDAP? Has anyone using
one Solaris to authenticate itself?
Thanks for any help.