Yeah, I just got this command today. I tried it and did the manual setting but it didn't work. Then I used the command sys-unconfig and tried to configure LDAP from that, but I am still facing a problem: when I configured it, it gave me an error at the end.
I configured the LDAP client on Solaris 9 and these are my /var/ldap/ldap_client_file settings:
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_SERVERS= 172.16.4.81
NS_LDAP_SEARCH_BASEDN= dc=sun,dc=ciit,dc=net
NS_LDAP_SEARCH_REF= FALSE
NS_LDAP_SEARCH_SCOPE= one
NS_LDAP_SEARCH_TIME= 60
NS_LDAP_CACHETTL= 43200
NS_LDAP_PROFILE= sun
NS_LDAP_CREDENTIAL_LEVEL= anonymous
NS_LDAP_BIND_TIME= 20
I also used ldapclient list on this system, which works fine.
Now I'm assuming that my authentication will be done from my LDAP server, and when I try to log in with a user I created using the directory server it gives me an error.
Please help me: what should I do so that my authentication will be done from the server?
Distribution: Solaris 11.4, Oracle Linux, Mint, Debian/WSL
Have a look at the directory server logs to figure out what is going wrong, or as an alternative, use ethereal to view the dialog between the client and the ldap server.
ldaplist is working fine, but I didn't try su - some_ldap_user because I don't know how to use it.
As I told you, all things are going fine from the client except the authentication problem.
Listen, when I was creating the profile using
/usr/lib/ldap/idsconfig
it asked me many options. It also asks about some authentication things. I selected simple authentication. I need to know about that.
Please help me with that, as I have only the authentication problem now, because my server is ready and I am stuck with it.
Distribution: Solaris 11.4, Oracle Linux, Mint, Debian/WSL
Quote:
Originally Posted by capricorn80
ldaplist is working fine ..
I would like you to show an LDAP user entry returned by ldaplist to be sure.
Quote:
but I didn't try su - some_ldap_user because I don't know how to use it.
If you do not understand that, I'm afraid you won't be able to diagnose the problem. LDAP authentication is all but an easy thing.
Quote:
As I told you, all things are going fine from the client except the authentication problem.
Listen, when I was creating the profile using
/usr/lib/ldap/idsconfig
it asked me many options.
And did you understand all of them?
Can you post your answers?
Quote:
It also asks about some authentication things. I selected simple authentication. I need to know about that.
"su - some_ldap_user" from root work..
I can understand that, but I was thinking of it with LDAP. su means switch user. I know this term.
When I su from root on the LDAP client system it doesn't work.
Last edited by capricorn80; 08-03-2006 at 02:22 AM.
I was trying to email you but your email option is blocked.
Actually I want to paste you my settings.
Well, let me try some here ..
I configured the profile on the server:
Domain to serve : .................. (I have removed some lines)
2 Base DN to setup :
3 Profile name to create : default
4 Default Server List :
5 Preferred Server List :
6 Default Search Scope : one
7 Credential Level : proxy
8 Authentication Method : simple
9 Enable Follow Referrals : FALSE
10 iDS Time Limit : -1
11 iDS Size Limit : -1
12 Enable crypt password storage : TRUE
13 Service Auth Method pam_ldap :
14 Service Auth Method keyserv :
15 Service Auth Method passwd-cmd:
16 Search Time Limit : 30
17 Profile Time to Live : 43200
18 Bind Limit : 10
19 Service Search Descriptors Menu
Enter config value to change: (1-19 0=commit changes) [0] 0
Enter DN for proxy agent: [cn=proxyagent,ou=profile,dc=.......,dc=......,dc=......]
Enter passwd for proxyagent:
Re-enter passwd:
And then I used this command on the client:
ldapclient init \
-a proxyDn=cn=proxyagent,ou=profile,dc= ............
It gave me a message of successful configuration.
And when I use ldaplist it searches and shows me the list of naming info from the LDAP Directory Server using the configured profile.
Now when I start my LDAP client, if the LDAP server is stopped then it waits until the LDAP server comes up. It means all this configuration is working fine.
Now the problem is that I have created a user on the Directory Server with the name James and assigned its home directory as
/home/james.
When I try to log in with this user from the LDAP client it gives me an error. All I want to know is how this user can log in to the LDAP client successfully with authentication from the LDAP server.
Last edited by capricorn80; 08-03-2006 at 02:37 AM.
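An added example, not part of any post in this thread: one way to compare the values in the client's /var/ldap/ldap_client_file with the choices made in the idsconfig menu, here the profile name and credential level from the two listings posted above. The helper names (get_key, check_client, write_sample) are hypothetical and the sample file is constructed from the first post's values.

```sh
#!/bin/sh
# Added example, not from the thread. Helper names are hypothetical.

# Print the value of KEY from a "KEY= value" file such as ldap_client_file.
get_key() {
    awk -v k="$2" '
        { i = index($0, "=") }
        i > 0 && substr($0, 1, i - 1) == k {
            v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            print v
            exit
        }' "$1"
}

# check_client FILE KEY=WANT...: report each key whose client value differs
# from the value chosen in the server-side profile; return 1 on any mismatch.
check_client() {
    file=$1; shift
    rc=0
    for pair in "$@"; do
        key=${pair%%=*}
        want=${pair#*=}
        got=$(get_key "$file" "$key")
        if [ "$got" != "$want" ]; then
            echo "MISMATCH $key: client='${got:-<unset>}' profile='$want'"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: the client values from the first post.
write_sample() {
    cat > "$1" <<'EOF'
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_SERVERS= 172.16.4.81
NS_LDAP_SEARCH_BASEDN= dc=sun,dc=ciit,dc=net
NS_LDAP_PROFILE= sun
NS_LDAP_CREDENTIAL_LEVEL= anonymous
EOF
}

sample=$(mktemp)
write_sample "$sample"
# Expected values: items 3 and 7 of the idsconfig menu in the last post.
check_client "$sample" NS_LDAP_PROFILE=default NS_LDAP_CREDENTIAL_LEVEL=proxy || true
rm -f "$sample"
```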