> Date: Fri, 27 Aug 2010 21:33:42 +1200
> From: ian@ianshome.com
> To: stuart_cherrington@hotmail.co.uk
> Subject: Re: Getting Solaris to use Openldap
>
> On 08/27/10 08:48 PM, Stuart Cherrington wrote:
> > Hi,
> >
> > I have an OpenLDAP 2.4.18 server on RHEL 5.3. I can get Linux clients
> > to use the master by use of the /etc/ldap.conf file. I'm now trying to
> > get a Solaris 10 client to use the master by initialising with the
> > default profileName. If I run:
> >
> > ldapclient -v init -a proxypassword=xxxxx -a
> > proxydn=cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -a
> > domainname=ldn.sw.com 10.2.250.15
> >
> I also add a -a profileName=default

Shouldn't need to add this as ldapclient takes 'default' as the default profilename if not specified. I did try it with this anyway but got the same error.

>
> > So the 2 errors are the *NOTFOUND nisDomainObject *which is there when
> > I check on the master:
> >
> > [root@msldap01 openldap2.4]# ldapsearch2.4 -h 10.2.250.15 -D
> > cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w xxxxx -b
> > dc=ldn,dc=sw,dc=com -s base
> > # extended LDIF
> > #
> > # LDAPv3
> > # base <dc=ldn,dc=sw,dc=com> with scope baseObject
> > # filter: (objectclass=*)
> > # requesting: ALL
> > #
> >
> > # ldn.sw.com
> > dn: dc=ldn,dc=sw,dc=com
> > dc: ldn
> > o: ldn
> > associatedDomain: ldn.sw.com
> > nisDomain: ldn.sw.com
> > objectClass: dcObject
> > objectClass: organization
> > objectClass: domainRelatedObject
> > *objectClass: nisDomainObject*
> > objectClass: top
> >
> That looks OK.
> >
> > The other error is 'Failed to find defaultSearchBase for domain
> > ldn.sw.com'
> >
> > [root@msldap01 openldap2.4]# ldapsearch2.4 -h 10.2.250.15 -D
> > cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w 5wap5proxy -b
> > cn=default,ou=profile,dc=ldn,dc=sw,dc=com -s base
> > # extended LDIF
> > #
> > # LDAPv3
> > # base <cn=default,ou=profile,dc=ldn,dc=sw,dc=com> with scope baseObject
> > # filter: (objectclass=*)
> > # requesting: ALL
> > #
>
> Do you have a cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com entry?

Yeh

[root@msldap01 openldap2.4]# ldapsearch2.4 -h 10.2.250.15 -D cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w xxxxx -b cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -s base
# extended LDIF
#
# LDAPv3
# base <cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#

# proxyagent, profile, ldn.sw.com
dn: cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com
cn: proxyagent
sn: proxyagent
objectClass: top
objectClass: person
userPassword:: e0NSWVBUfXYuTWpqUDJEb3lpMXc=

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

>
> > # default, profile, ldn.sw.com
> > dn: cn=default,ou=profile,dc=ldn,dc=sw,dc=com
> > *defaultSearchBase: dc=ldn,dc=sw,dc=com*
> > authenticationMethod: simple
> > followReferrals: TRUE
> > profileTTL: 43200
> > searchTimeLimit: 30
> > objectClass: DUAConfigProfile
> > defaultServerList: 10.2.250.15
> > credentialLevel: proxy
> > cn: default
> > defaultSearchScope: one
>
> You should add
>
> serviceSearchDescriptor: passwd:<people base>
> serviceSearchDescriptor: group:<group base>

I initially had these (and one for shadow) but they didn't make any difference to the error, but I expect I'll need them when it's in operation.

>
> --
> Ian.
>