
RE: Solaris 10 Native LDAP Client TLS



Hi Claus and Roy,
 
Thanks for the reply.
 
In fact it has nothing to do with sendmail; I pasted the wrong lines from /var/adm/messages, sorry for that.
 
LDAP Server:  OpenLdap Linux
LDAP Clients: Linux, Solaris 10, Solaris 9 and Solaris 8
 
The following command works fine for Solaris 10 but it doesn't work for 8 and 9. Please help me, I really need to sort this out.
 
ldapclient -v manual -a defaultServerList=10.10.10.10 -a defaultSearchBase=dc=test,dc=com -a authenticationMethod=tls:simple -a serviceAuthenticationMethod=pam_ldap:tls:simple -a credentialLevel=proxy -a serviceAuthenticationMethod=passwd-cmd:tls:simple -a proxyDN=cn=proxyagent,ou=Profile,dc=test,dc=com -a proxyPassword=test
 
When I run ldaplist I get the following in /var/adm/messages on Solaris 9:
 
Mar 21 23:35:38 web04 ldaplist[1932]: [ID 293258 user.warning] libsldap: Status: 81  Mesg: openConnection: simple bind failed - Can't contact LDAP server
Mar 21 23:35:38 web04 ldaplist[1932]: [ID 292100 user.warning] libsldap: could not remove 203.221.221.83 from servers list
Mar 21 23:35:38 web04 ldaplist[1932]: [ID 293258 user.warning] libsldap: Status: 7  Mesg: Session error no available conn.
 
While on the server I get the following in the debug output:
 

Mar 21 23:29:50 rhapp04-t1 slapd[15119]: connection_read(10): checking for input on id=0
Mar 21 23:29:50 rhapp04-t1 slapd[15119]: connection_read(10): TLS accept error error=-1 id=0, closing
Mar 21 23:29:51 rhapp04-t1 slapd[15119]: connection_closing: readying conn=0 sd=10 for close
 
I would really appreciate it if someone could show me the right way to solve this issue.
 
Cheers,
 
Farhan



--


From: farhhanahmed@hotmail.com
To: openldap-technical@openldap.org
Subject: RE: Solaris 10 Native LDAP Client TLS
Date: Mon, 17 Mar 2008 13:01:56 +0000

Hi Guys,
 
I have done it for Solaris 10 but now I am facing a problem on Solaris 9. Please help me.
 
Still no luck with the LDAP native client on Solaris 9. I am getting the following message:

Mar 16 02:02:59 web04 sendmail[3700]: [ID 293258 mail.warning] libsldap: Status: 81 Mesg: openConnection: simple bind failed - Can't contact LDAP server

But when I run /usr/lib/ldap/ldap_cachemgr -g, I get the following, which shows there is no problem:

cachemgr configuration:
server debug level 0
server log file "/var/ldap/cachemgr.log"
number of calls to ldapcachemgr 19

cachemgr cache data statistics:
Configuration refresh information:
Previous refresh time: 2008/03/17 23:55:23
Next refresh time: 2008/03/18 00:55:23
Server information:
Previous refresh time: 2008/03/17 23:55:23
Next refresh time: 2008/03/18 00:05:23
server: 203.221.221.83, status: UP
Cache data information:
Maximum cache entries: 256
Number of cache entries: 0
 
ldapclient -vvv manual -a defaultServerList=10.10.10.10 -a defaultSearchBase=dc=test,dc=com -a authenticationMethod=tls:simple -a credentialLevel=proxy -a proxyDN=cn=proxyagent,ou=profile,dc=test,dc=com -a proxyPassword=test
 
Note: The same command works for Solaris 10.

I really want to use the LDAP native client rather than the openldap client, which is a hassle to install (gcc, padle, pam_ldap etc.) on 50 servers.

Please help me guys.

Thanks,

Farhan


 



From: farhhanahmed@hotmail.com
To: openldap-technical@openldap.org
Subject: Solaris 10 Native LDAP Client TLS
Date: Fri, 14 Mar 2008 11:55:59 +0000

Hello Guys,
 

I am having some issues configuring the LDAP Native client with TLS. Please help me to sort out this issue.

LDAP Server: Linux (OpenLdap),

LDAP Client: Solaris 10 (Native Client)

When I run the following command to test, it works fine:

ldapsearch -v -h test -p 636 -Z -P /var/ldap/cert8.db -b "dc=test,dc=com" -s base "objectclass=*"

ldapsearch: started Fri Mar 14 18:11:57 2008

ldap_init( test, 636 )
filter pattern: objectclass=*
returning: ALL
filter is: (objectclass=*)
version: 1
dn: dc=test,dc=com
objectClass: dcObject
objectClass: organization
o: test.com web site
dc: test
1 matches

But when I run the ldapclient command to initialize ldapclient, it doesn't work. Please guide me as to where I am going wrong.

ldapclient -v manual -a defaultServerList=10.10.10.10 \
  -a defaultSearchBase=dc=test,dc=com \
  -a authenticationMethod=tls:simple \
  -a serviceAuthenticationMethod=pam_ldap:tls:simple \
  -a serviceAuthenticationMethod=keyserv:tls:simple \
  -a serviceAuthenticationMethod=passwd-cmd:tls:simple \
  -a credentialLevel=proxy \
  -a proxyDN=cn=Manager,ou=People,dc=test,dc=com \
  -a proxyPassword=passwd

After that, when I run the ldaplist command, I get the following in /var/adm/messages:

Mar 14 18:15:16 subx05-t1 nfs4cbd[1638]: [ID 293258 daemon.warning] libsldap: Status: 91 Mesg: openConnection: failed to initialize TLS security (security library: bad database.)

Please help me guys :) I know I am very near to getting it working.

Thanks,

Farhan

