./configure --with-ldap-lib=netscape5 --with-ldapdir=/export/home/dav/Netscape/ldapcsdk5[1].08-SunOS5.8 --enable-ssl
-----Original Message-----
From: henk.coenen@philips.com [mailto:henk.coenen@philips.com]
Sent: Wednesday, June 19, 2002 8:20 PM
To: openldap-software@OpenLDAP.org
Subject: NSS_LDAP Solaris and Active directory
Hello all,
We are currently working on replacing NIS by a LDAP directory (iPlanet or Active
Directory). Initially we will focus on moving the UNIX account information into a LDAP
directory in order to enable a single point of account administration. We already
have deployed kerberos to implement a Single Sign-On infrastructure between UNIX
and Windows 2000, so we would like to use the Active Director
We have encountered a number of problems with respect to compatibility of the LDAP
client on Solaris in combination with Active Directory. We are looking for a solution that
works with the schema changes implemented by Microsoft Services for UNIX (MSFU).
Currently we have two demo environments:
Situation 1: Directory implemented by iPlanet
o HP-UX making use of native LDAP client -- OK
o Linux making use of NSS_LDAP software -- OK
o Solaris making use of native LDAP client -- OK
Situation 2: Directory implemented by Active Directory + MSFU
o HPUX making use of native LDAP client -- OK
o Linux making use of NSS_LDAP software -- OK
o Solaris making use of both native LDAP client and NSS_LDAP software -- NOT OK
Situation 1 is working fine!
In situation 2 we have compatibility problems with the Solaris LDAP clients and Active
Directory. This is true for both the native LDAP implementation on Solaris and also for
the NSS_LDAP implementation.
With regard to these problems we have some questions:
1. Who has the Solaris native LDAP client running in combination with the Active Directory
as primary naming service to replace NIS?
2. We compiled the NSS_LDAP v191 for Solaris 2.8 making use of BerkeleyDB4.0.14 and
openldap, but unfortunately things do not work as would like. Who has the NSS_LDAP
software running in combination with the Active Directory ?
If yes. what did you use in combination with NSS_LDAP, how did you compile
and configure things, or in other words where can we find a recep
Thanks in advance
Henk
Ir H.G.P. (Henk) Coenen phone: +31-40-2744161
Philips Research Laboratories
Prof Holstlaan 4,
5656 AA Eindhoven, The Netherlands
Mailto:henk.coenen@philips.com