solaris 10 as client to openldap
- To: openldap-technical@openldap.org
- Subject: solaris 10 as client to openldap
- From: Isaac Hailperin <hailperin@zib.de>
- Date: Thu, 02 Sep 2010 18:01:23 +0200
- User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.11) Gecko/20100713 Thunderbird/3.0.6
Hi,
I am trying to set up a Solaris 10 LDAP client to work with an OpenLDAP
server.
The server serves the following profile:
dn: cn=solarisbox,ou=profile,dc=acme,dc=de
bindTimeLimit: 10
credentialLevel: anonymous
cn: solarisbox
profileTTL: 43200
searchTimeLimit: 30
defaultSearchScope: sub
followReferrals: TRUE
authenticationMethod: simple
defaultSearchBase: dc=acme,dc=de
objectClass: top
objectClass: DUAConfigProfile
defaultServerList: 192.168.0.5
On the solaris box, I issue:
ldapclient -v init -a profileName=solarisbox 192.168.0.5
Parsing profileName=solarisbox
Arguments parsed:
profileName: solarisbox
defaultServerList: 192.168.0.5
Handling init option
About to configure machine by downloading a profile
findBaseDN: begins
findBaseDN: ldap not running
findBaseDN: calling __ns_ldap_default_config()
found 1 namingcontexts
findBaseDN: __ns_ldap_list(NULL,
"(&(objectclass=nisDomainObject)(nisdomain=acme.de))"
rootDN[0] dc=acme,dc=de
found baseDN dc=acme,dc=de for domain acme.de
Proxy DN: NULL
Proxy password: NULL
Credential level: 0
Authentication method: 1
No proxyDN/proxyPassword required
Shadow Update is not enabled, no adminDN/adminPassword is required.
About to modify this machines configuration by writing the files
Stopping network services
Stopping sendmail
[...]
restart: milestone/name-services:default... success
Error resetting system.
Recovering old system settings.
Stopping network services
Stopping sendmail
stop: sleep 100000 microseconds
[...]
top: network/ldap/client:default... restoring from maintenance state
stop: network/ldap/client:default... failed: required constraint not met
Stopping ldap failed with (1)
Error (1) while stopping services during reset
recover: stat(/var/ldap/restore/defaultdomain)=0
[...]
I am not very familiar with Solaris, so I will just drop in a few other things
that I found that seemed related:
cat /var/ldap/cachemgr.log
[...]
Thu Sep 2 17:02:19.4557 Error: Unable to read
'/var/ldap/ldap_client_file': Configuration Error: No entry for
'NS_LDAP_BINDDN' found
Thu Sep 2 17:02:19.4601 detachfromtty(): child failed (rc = 255).
Thu Sep 2 17:32:56.9181 Starting ldap_cachemgr, logfile
/var/ldap/cachemgr.log
[...]
I can confirm that /var/ldap/ldap_client_file does not exist.
grep ldap /var/svc/log/*
/var/svc/log/network-ldap-client:default.log:[ Sep 2 17:02:19 Executing start method ("/lib/svc/method/ldap-client start") ]
/var/svc/log/network-ldap-client:default.log:/usr/lib/ldap/ldap_cachemgr: failed. Please see syslog for details.
/var/svc/log/svc.startd.log:Sep 2 17:32:57/458 ERROR: svc:/network/ldap/client:default: Method "/lib/svc/method/ldap-client start" failed with exit status 1.
/var/svc/log/svc.startd.log:Sep 2 17:32:57/458: network/ldap/client:default failed: transitioned to maintenance (see 'svcs -xv' for details)
cat /var/adm/messages
[...]
Sep 2 17:32:56 unknown ldap_cachemgr[1134]: [ID 293258 daemon.error]
libsldap: Status: 0 Mesg: Configuration Error: No entry for
'NS_LDAP_BINDDN' found
Sep 2 17:32:56 unknown ldap_cachemgr[1133]: [ID 703877 daemon.error]
ldap_cachemgr: failed (rc = 255).
Sep 2 17:32:57 unknown svc.startd[7]: [ID 652011 daemon.warning]
svc:/network/ldap/client:default: Method "/lib/svc/method/ldap-client
start" failed with exit status 1.
[...]
I had a look at another Solaris 10 machine (which I did not set up).
The file /var/ldap/ldap_client_file exists, but has no entry
'NS_LDAP_BINDDN'.
Also, I can't find some sort of bindDN option to ldapclient, nor can I
find an attribute of that kind for the profile.
Any hints on how to get this working?
Isaac
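
Added example (not part of the original message, and not Solaris or OpenLDAP code): a small Python lint for the profile quoted above, checking that credentialLevel and authenticationMethod agree under the DUAConfigProfile attribute syntax of RFC 4876. That this pairing is what triggers the NS_LDAP_BINDDN error is an assumption; the function names, finding codes and defaults for absent attributes are hypothetical.

```python
# Added example: lint a DUAConfigProfile (RFC 4876) entry. Not Solaris code.
PROFILE_LDIF = """\
dn: cn=solarisbox,ou=profile,dc=acme,dc=de
credentialLevel: anonymous
authenticationMethod: simple
defaultSearchBase: dc=acme,dc=de
defaultServerList: 192.168.0.5
objectClass: DUAConfigProfile
"""  # subset of the profile quoted in the post

def parse_ldif_entry(text):
    """Parse one LDIF entry (plain values only) into {attr_lower: [values]}."""
    entry, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        if line.startswith(" ") and last:          # folded continuation line
            entry[last][-1] += line[1:]
            continue
        attr, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not an LDIF attribute line: {line!r}")
        last = attr.strip().lower()
        entry.setdefault(last, []).append(value.strip())
    return entry

def lint_profile(entry):
    """Return (code, message) findings for credentialLevel/authenticationMethod."""
    # Assumed defaults when an attribute is absent: anonymous / none.
    levels = " ".join(entry.get("credentiallevel", ["anonymous"])).lower().split()
    methods = [m.strip().lower()
               for v in entry.get("authenticationmethod", ["none"])
               for m in v.split(";") if m.strip()]
    findings = []
    # A bind method other than "none" needs an identity; anonymous supplies none.
    if set(levels) == {"anonymous"} and any(m != "none" for m in methods):
        findings.append(("bind-method-without-identity",
                         f"credentialLevel is anonymous but authenticationMethod "
                         f"{methods} names a bind method with no identity to use"))
    # With real credentials, plain "simple" (no tls: prefix) exposes the password.
    if set(levels) - {"anonymous"} and "simple" in methods:
        findings.append(("cleartext-simple-bind",
                         "simple bind without a tls: prefix sends the password "
                         "unprotected"))
    return findings

if __name__ == "__main__":
    for code, message in lint_profile(parse_ldif_entry(PROFILE_LDIF)):
        print(f"{code}: {message}")
```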