i have configured ldap (Directory Server 5) on sunblade 1500 having solaris 9 and now i want to configure ldap client (on solaris 9).

Have a look at this page:
http://web.singnet.com.sg/~garyttt/I...20Solaris9.htm

its really difficult . is there any short cut like we use authconfig command in Linux and just select the LDAP option appear in blue console.

/usr/sbin/ldapclient is the Solaris equivalent.

yea i just got this command today. i tried it n did the manual setting but it didnt work. then i used command sys-unconfig and try to configure ldap from that but still facing problem when i configure it gave me error in last.

"sys-unconfig" is overkill just to set the naming switch service. You simply have to add ldap to the list of naming services in /etc/nsswitch.conf.

"ldapclient" works, there must be something wrong with your settings. Have a look at your /var/ldap/ldap_client_file

when i configure ldapclient it was succesfull and even i checked file it was all ok. i will check it on monday.

i configured ldap client on solaris 9 and this is my /var/ldap/ldap_client_file settings
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_SERVERS= 172.16.4.81
NS_LDAP_SEARCH_BASEDN= dc=sun,dc=ciit,dc=net
NS_LDAP_SEARCH_REF= FALSE
NS_LDAP_SEARCH_SCOPE= one
NS_LDAP_SEARCH_TIME= 60
NS_LDAP_CACHETTL= 43200
NS_LDAP_PROFILE= sun NS_LDAP_CREDENTIAL_LEVEL= anonymous
NS_LDAP_BIND_TIME= 20

i also use ldapclient list on this system which works fine.
now i m assuming that my authentication will be done from my ldap server. and when i try to login with user i created using directory server it give me error.
plz help me wat should i do to that my authentication will be done from server.

plz reply soon

Have a look at the directory server logs to figure out what is going wrong, or as an alternative, use ethereal to view the dialog between the client and the ldap server.

Is ldaplist working ?

Does "su - some_ldap_user" from root work ?

ldaplist is working fine .. but didnt try su - some_ldap_user coz dont know how to use it.
as i told u all things going fine from client except authentication problem.
Listen when i was creating profile using
/usr/lib/ldap/idsconfig
it ask me many options. also it asks about some authentication things. i select simple authentication. Need to know about that.
Plz help me in that as i got only authentication problem now . coz my server is ready n i m stuck with it.

I would like you to show a ldap user entry returned by ldaplist to be sure.
If you do not understand that, I'm afraid you won't be able to diagnose the problem. LDAP authentication is all but an easy thing.
And did you understand all of them ?
Can you post your answers ?
Well, simple authentication is supported.

su - some_ldap_user" from root work..
i can understand that. but i was thinking it with ldap. su means switch user. i know this term.
when i su from root on ldap client system it dont work.

i was trying to email u but ur email option is blocked.
Actually i want to paste u my setting.
Well let me try some here ..
I configured profile on server
Domain to serve : .................. (i have remove some lines)
2 Base DN to setup :
3 Profile name to create : default
4 Default Server List :
5 Preferred Server List :
6 Default Search Scope : one
7 Credential Level : proxy
8 Authentication Method : simple
9 Enable Follow Referrals : FALSE
10 iDS Time Limit : -1
11 iDS Size Limit : -1
12 Enable crypt password storage : TRUE
13 Service Auth Method pam_ldap :
14 Service Auth Method keyserv :
15 Service Auth Method passwd-cmd:
16 Search Time Limit : 30
17 Profile Time to Live : 43200
18 Bind Limit : 10
19 Service Search Descriptors Menu

Enter config value to change: (1-19 0=commit changes) [0] 0
Enter DN for proxy agent: [cn=proxyagent,ou=profile,dc=.......,dc=......,dc=......]
Enter passwd for proxyagent:
Re-enter passwd:

And then used command on client

ldapclient init \
-a proxyDn=cn=proxyagent,ou=profile,dc= ............

it gave me message with successful configuration.
n when i use ldaplist it search and show me list naming info of ldap Directory server using configured profile .

Now when i start my ldap client if ldap server is stop then it wait until ldap server comes up. It means all this configuration is working fine.
Now the problem is that i have created a user on Directory server with name James and assigned its home directory is
/home/james.
When i try to login in with this user from ldap client it gave me error. All i want to know is that how this user can login to ldapclient successfully with authentication from ldap server.

i dont want to use pam.
Give me some solution so that i can make it work.