
solaris 10 as client to openldap




Hi,

I am trying to set up a Solaris 10 LDAP client to work with an OpenLDAP server.
The server serves the following profile:
dn: cn=solarisbox,ou=profile,dc=acme,dc=de
bindTimeLimit: 10
credentialLevel: anonymous
cn: solarisbox
profileTTL: 43200
searchTimeLimit: 30
defaultSearchScope: sub
followReferrals: TRUE
authenticationMethod: simple
defaultSearchBase: dc=acme,dc=de
objectClass: top
objectClass: DUAConfigProfile
defaultServerList: 192.168.0.5

On the solaris box, I issue:
ldapclient -v init -a profileName=solarisbox   192.168.0.5
Parsing profileName=solarisbox
Arguments parsed:
        profileName: solarisbox
        defaultServerList: 192.168.0.5
Handling init option
About to configure machine by downloading a profile
findBaseDN: begins
findBaseDN: ldap not running
findBaseDN: calling __ns_ldap_default_config()
found 1 namingcontexts
findBaseDN: __ns_ldap_list(NULL, "(&(objectclass=nisDomainObject)(nisdomain=acme.de))"
rootDN[0] dc=acme,dc=de
found baseDN dc=acme,dc=de for domain acme.de
Proxy DN: NULL
Proxy password: NULL
Credential level: 0
Authentication method: 1
No proxyDN/proxyPassword required
Shadow Update is not enabled, no adminDN/adminPassword is required.
About to modify this machines configuration by writing the files
Stopping network services
Stopping sendmail
[...]
restart: milestone/name-services:default... success
Error resetting system.
Recovering old system settings.
Stopping network services
Stopping sendmail
stop: sleep 100000 microseconds
[...]
top: network/ldap/client:default... restoring from maintenance state
stop: network/ldap/client:default... failed: required constraint not met
Stopping ldap failed with (1)
Error (1) while stopping services during reset
recover: stat(/var/ldap/restore/defaultdomain)=0
[...]


I am not very familiar with Solaris, so I will just drop in a few other things that I found that seemed related:

cat /var/ldap/cachemgr.log
[...]
Thu Sep 2 17:02:19.4557 Error: Unable to read '/var/ldap/ldap_client_file': Configuration Error: No entry for 'NS_LDAP_BINDDN' found
Thu Sep  2 17:02:19.4601        detachfromtty(): child failed (rc = 255).
Thu Sep 2 17:32:56.9181 Starting ldap_cachemgr, logfile /var/ldap/cachemgr.log
[...]

I can confirm that /var/ldap/ldap_client_file does not exist.

grep ldap /var/svc/log/*
/var/svc/log/network-ldap-client:default.log:[ Sep 2 17:02:19 Executing start method ("/lib/svc/method/ldap-client start") ]
/var/svc/log/network-ldap-client:default.log:/usr/lib/ldap/ldap_cachemgr: failed. Please see syslog for details.

/var/svc/log/svc.startd.log:Sep 2 17:32:57/458 ERROR: svc:/network/ldap/client:default: Method "/lib/svc/method/ldap-client start" failed with exit status 1.
/var/svc/log/svc.startd.log:Sep 2 17:32:57/458: network/ldap/client:default failed: transitioned to maintenance (see 'svcs -xv' for details)

cat /var/adm/messages
[...]
Sep 2 17:32:56 unknown ldap_cachemgr[1134]: [ID 293258 daemon.error] libsldap: Status: 0 Mesg: Configuration Error: No entry for 'NS_LDAP_BINDDN' found
Sep 2 17:32:56 unknown ldap_cachemgr[1133]: [ID 703877 daemon.error] ldap_cachemgr: failed (rc = 255).
Sep 2 17:32:57 unknown svc.startd[7]: [ID 652011 daemon.warning] svc:/network/ldap/client:default: Method "/lib/svc/method/ldap-client start" failed with exit status 1.
[...]

I had a look at another Solaris 10 machine (which I did not set up).
The file /var/ldap/ldap_client_file exists, but has no entry
'NS_LDAP_BINDDN'.
Also, I can't find some sort of bindDN option to ldapclient, nor can I find an attribute of that kind for the profile.

Any hints on how to get this working?

Isaac