
Re: Solaris 9 LDAP client issues



On Wed, 21 Aug 2002, Scott Moorhouse wrote:

>
>
> Igor Brezac wrote:
>
> >>/var/ldap/ldap_client_file
> >>NS_LDAP_FILE_VERSION= 2.0
> >>NS_LDAP_SERVERS= my.ldap.server.ip
> >>NS_LDAP_SEARCH_BASEDN= dc=mydomain,dc=com
> >>NS_LDAP_SEARCH_SCOPE= sub
> >>NS_LDAP_CREDENTIAL_LEVEL= proxy
> >>NS_LDAP_SERVICE_SEARCH_DESC= automount:ou=AutomountMaps,dc=mydomain,dc=com
> >>
> >>
> >>
> >
> >Here is your problem.  Add
> >NS_LDAP_AUTH= simple
> >
> >default is none.  Restart nscd and ldap.client or reboot after you make
> >this change.
> >
> This was exactly the problem.
> For those who like to use the ldapclient tool to configure, you need to add -a
> authenticationMethod=simple to your command line.
> Once you said this it all made sense and I was even able to find the
> passage in the documentation where it says that the client defaults to
> "none" authentication (even if you have so diligently given it a proxyDN
> and a proxyPassword with which to use for authentication).
>
> Now if there was just some good documentation on how to get it working
> with TLS... http://www.bolthole.com/solaris/LDAP.html is great but it
> only applies if you are going to use the padl.com nss library and pam
> module.  Anybody gotten this working with Solaris 9's native tools?
>

I have not.  I protect the transport layer (via VPN/IPsec) or I use
localhost to connect to an LDAP server.  You can also try the ssh port
forwarding feature (this is kinda a half-baked solution).

Have you seen:
http://docs.sun.com/?p=/doc/806-4077/6jd6blber&a=view#clientsetup-57
Maybe this will help you.

-- 
Igor
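
The check below is an added example, not part of the original thread or of Solaris itself: it audits a client file in the format quoted above for the two conditions discussed, a proxy credential level with no NS_LDAP_AUTH line and a "simple" bind that relies on transport protection. The function names, the exit-code convention and the temporary sample file are assumptions made for illustration.

```shell
# Added example (not from the thread): audit a Solaris native LDAP client file.

# Print the value of "KEY= value" from FILE (last occurrence wins).
get_ns_ldap_value() {
    awk -v key="$2" '
        index($0, key "=") == 1 {
            val = substr($0, length(key) + 2)
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            found = val
        }
        END { print found }' "$1"
}

# Exit status (convention assumed for this example; 3 = file unreadable):
#   0 nothing flagged
#   1 proxy credential level but NS_LDAP_AUTH missing or "none", so the
#     proxy DN and password are never used to authenticate
#   2 NS_LDAP_AUTH is "simple": the bind password is sent unencrypted unless
#     the transport is protected (VPN/IPsec, localhost, ssh forwarding)
audit_ldap_client_file() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 3; }
    level=$(get_ns_ldap_value "$1" NS_LDAP_CREDENTIAL_LEVEL)
    auth=$(get_ns_ldap_value "$1" NS_LDAP_AUTH)
    case "$level=${auth:-none}" in
        *proxy*=none)
            echo "FAIL: credential level '$level' but NS_LDAP_AUTH is none"
            return 1 ;;
        *=simple)
            echo "WARN: simple bind, protect the transport to the server"
            return 2 ;;
    esac
    echo "OK: nothing flagged"
}

# Constructed sample based on the file quoted in the thread; $2 adds NS_LDAP_AUTH.
write_sample() {
    cat > "$1" <<'EOF'
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_SERVERS= my.ldap.server.ip
NS_LDAP_SEARCH_BASEDN= dc=mydomain,dc=com
NS_LDAP_CREDENTIAL_LEVEL= proxy
EOF
    [ -z "$2" ] || echo "NS_LDAP_AUTH= $2" >> "$1"
}

sample=$(mktemp)
write_sample "$sample";        audit_ldap_client_file "$sample" || true
write_sample "$sample" simple; audit_ldap_client_file "$sample" || true
rm -f "$sample"
```

On a real client the function would be pointed at /var/ldap/ldap_client_file instead of the constructed sample.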