[Date Prev][Date Next] [Chronological] [Thread] [Top]

Openldap server under linux with solaris9 ldap client



Spec: -openldap server 2.0 on redHat7.3 
-ldapclient on solaris9 
-populate the server with migration tools of openldap 

hi, 

1)I do have some trouble to understand what is the difference between
the credential and the authentication.
-Does the credential allow only to bind to the ldap server and to let
make any request to the ldap server as long as the slapd.conf allow
them.???
-Then, the authentication allow a person (with having the good
credential) to authenticate himself to the ldap server, and allow him to
extend his privilege in function of the Access Control (defined in the
slapd.conf)???

2)what are the entries that has to be changed in nsswitch.conf to let a
user under Solaris9 to log in ?? Do I have to only change the entry
passwd to : "passwd: files ldap"

3)If I don't mention any authentication method in ldap_client (I've
checked that there is no entry with "serviceAuthenticationMethod")..Then
my system should log in the ldap server as ANONYMOUS ??

4)I often see the passwd encrypted in {crypt}XXYYZZ..which kind of
encryption it is...and does it means that XXYYZZ was encrypted with
{CRYPT}??

5)when I type 
getent passwd coco
coco::4799:4700:coco coicoi:/home/coco:/bin/tcsh
     ^-- is that normal that no passwd is given?

6)after changing my nsswitch.conf anp put almost all the entries with
ldap. I can see that right after typing under solaris:

#login coco <enter>

I catch with tcp-dump, that the my solarisbox is asking for the:
filter=(&(objectClass=shadowAccount)(uid=coco))

but after typing the password under solaris.,..I get on my Solaris box.
Invalid login .... :( aaaargh

thank you in advance

briner