[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldapRootDSE and solaris clients

On Tue, 2004-05-11 at 17:07, Igor Brezac wrote:
> This is a lost cause (fixing it via vendor route - Sun).  ;-( Apparently,
> iplanet returns namingContexts without explicitly requesting them.  This
> has been a problem since they introduced ldap client in Solaris 8.  It is
> still broken in Solaris 9, but at least you can do manual configuration.

agreed but I am still confused why it worked for me in the past - at 4
different sites with 3 individual builds of OpenLDAP. The problem only
crops up on the last installation when the server was built on Linux.

The good news is that there is a fix for this in Solaris 10 (apparently,
havent seen it yet) see bug #4877285.


ps for anyone who comes across this and wonders what the solution was:
ldapclient manual -a domainname=<foo> \
	-a proxydn=<foo> \
	-a defaultsearchbase=<foo> \
	-a authenticationmethod=<foo> \
	-a defaultserverlist="<foo> <bar>"
	-a attributemap="automount:automountmapname=ou" \
	-a attributemap="automount:automountkey=cn" \
	-a proxypassword="plain text password" \
	-a profilename=<foo>
where <foo> is whatever is relevant to you. This way it still picks up
the profile from the server. Some of the above attributes may not be
required YMMV.

Greg Matthews
iTSS Wallingford	01491 692445