[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: solaris 9 and openldap

To: Greg Matthews <gmatt@nerc.ac.uk>
Subject: Re: solaris 9 and openldap
From: jehan procaccia <jehan.procaccia@int-evry.fr>
Date: Tue, 08 Jul 2003 09:51:24 +0200
Cc: openldap-software@OpenLDAP.org
In-reply-to: <1057595564.30455.7.camel@lea.nerc-wallingford.ac.uk>
References: <3F09904C.8060601@int-evry.fr> <1057595564.30455.7.camel@lea.nerc-wallingford.ac.uk>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030530

Greg Matthews wrote:

I've used native Solaris modules for a couple of reasons - 1. pragmatic, Sun are bound to change something in the next release and sticking with native stuff is probably safer in this respect 2. problematic, I never managed to get PADL stuff to work properly on Solaris altho I came close before I discovered that 1 was possible. 3. encryption, sol9 and sol8 (with patch 118993) can use tls encryption

Indeed I think it's wiser to stay with solaris native tools.

I've finally got it working well with OpenLDAP running on a Sol9 server
and Sol8 Sol9 and Linux clients. TLS isnt mandatory but once you've got
simple auth working its good to encrypt everything.

to simplifie, first I'd like to do it without TLS.


I'm currently writing up my notes on this and will post to the list when
they are complete. Scan the archives for lots of good advice too.

OK, I'll be waiting for you notes....


schema - yes solaris uses some schema that have to be included in the
slapd.conf but its very simple:
include <schema.file>

which one ?
This ?

http://www.ypass.net/solaris8/openldap/nisschema.html

patching openldap server to ease rootDSE queries is also mandatory ?
http://www.ypass.net/solaris8/openldap/openldap-2.0.8-solaris8.patch.gz


Thanks.

good luck
GREG
On Mon, 2003-07-07 at 16:22, jehan procaccia wrote:
hello,
I am trying to authenticate a solaris 9 client station to an openldap server 2.1.22. I've seen lots of howto/threads on the net, but most are related to solaris 8, and I wonder/hope that things get simpler with solaris 9 !

-1st, which way to go -> use solaris 9 native ldap command and tools (ldapclient manual, ldap_cachemgr ...), or use self compile and install tools from padl (nss and pam ldap) ? -2nd, I've read a lot about adding schema definition to openldap in order to accept solaris client authentification, is it still mandatory to do it ? http://www.ypass.net/solaris8/openldap/openldap-2.0.8-solaris8.patch.gz
http://www.ypass.net/solaris8/openldap/nisschema.html
-3rd, can I first start without TLS/SSL binds, I just want to start with a simple configuration, TLS/SSL are mandatory ?

Thanks to let me know which way to go.

References:
- solaris 9 and openldap
  - From: jehan procaccia <jehan.procaccia@int-evry.fr>
- Re: solaris 9 and openldap
  - From: Greg Matthews <gmatt@nerc.ac.uk>

Prev by Date: Re: LDAP Filter Problem
Next by Date: Re: LDAP Filter Problem
Index(es):
- Chronological
- Thread