[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Solaris client configuration
This my setup. I don't have SSL, auto mount, and repliction setup yet.
bash-3.00# ldapclient list
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= uid=proxyagent,ou=People,dc=test,dc=net
NS_LDAP_BINDPASSWD= {NS1}ecfa88f3a945c411
NS_LDAP_SERVERS= 10.0.0.2:389
NS_LDAP_SEARCH_BASEDN= dc=test,dc=net
NS_LDAP_SERVER_PREF= 10.0.0.2
NS_LDAP_CACHETTL= 0
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_SERVICE_SEARCH_DESC= passwd:ou=People,dc=test,dc=net
NS_LDAP_SERVICE_SEARCH_DESC= group:ou=Group,dc=test,dc=net
NS_LDAP_SERVICE_SEARCH_DESC= shadow:ou=People,dc=test,dc=net
NS_LDAP_SERVICE_AUTH_METHOD= pam_ldap:simple
It took me longer to setup the Solaris LDAP client then installing and
configuring OpenLDAP on the RHEL 5. I hope this helps.
On Thu, Mar 29, 2012 at 1:55 PM, Kline, Sara <SKline@tnsi.com> wrote:
> Hey all,
>
> I am trying to get a Solaris 10 client to authenticate to our OpenLDAP
> (2.3.43) server, which was built on Red Hat 5.7. Linux clients (RHEL 4,5 and
> 6, and Oracle 5.7) authenticate without issue. I think it may be a simple
> misconfiguration but I am really not a Solaris person at all. Would someone
> be willing to send an ldapclient list to me? I would really appreciate it.
> Steps I have taken:
>
> 1.ÂÂÂÂÂÂ Imported the SSL cert according to Oracleâs instructions
>
> 2.ÂÂÂÂÂÂ Made the 3 files cert8, keys3, and secmod readable to everyone with
> chmod 444
>
> My current ldapclient list looks like this:
>
> LDAP_CLIENT_FILE_VERSION= 2.0
>
> NS_LDAP_BINDDN= cn=admin,dc=prod,dc=ourdomain,dc=com
>
> NS_LDAP_BINDPASSWD={NS1}ourpassword
>
> NS_LDAP_SERVERS=oly-infra-ldap1 (this is how the name appears on the cert,
> it is in the hosts file)
>
> NS_LDAP_SEARCH_BASEDN=dc=prod,dc=ourdomain,dc=com
>
> NS_LDAP_AUTH=tls:simple
>
> NS_LDAP_CACHETTL=0
>
> NS_LDAP_CREDENTIAL_LEVEL=proxy
>
> NS_LDAP_SERVICE_AUTH_METHOD=pam_ldap:tls:simple
>
> NS_LDAP_HOST_CERTPATH=/var/ldap
>
>
>
> Any help would be greatly appreciated.
>
>
>
> Sara Kline
>
> System Administrator
>
> Transaction Network Services, Inc
>
> 4501 Intelco Loop, Lacey WA 98503
>
> Wk: (360) 493-6736
>
> Cell: (360) 280-2495
>
>
>
>
> ________________________________
> This e-mail message is for the sole use of the intended recipient(s)and may
> contain confidential and privileged information of Transaction Network
> Services.
> Any unauthorised review, use, disclosure or distribution is prohibited. If
> you
> are not the intended recipient, please contact the sender by reply e-mail
> and destroy all copies of the original message.
>