LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Solaris / OpenSolaris (https://www.linuxquestions.org/questions/solaris-opensolaris-20/)
-   -   How to configure OpenLDAP in solaris9 (https://www.linuxquestions.org/questions/solaris-opensolaris-20/how-to-configure-openldap-in-solaris9-860624/)

kashifazizawan 02-04-2011 12:41 AM
How to configure OpenLDAP in solaris9
 
How to configure OpenLDAP in solaris9


I want to create solaris9 domain server client network with openldap authentication..
i installed openldap package from
>pkg-get -u openldap

file paths
/opt/csw/etc/openldap/slapd.conf
/opt/csw/etc/openldap/ldap.conf
/opt/csw/sbin/slaptest

cat /opt/csw/etc/openldap/slapd.conf
include /opt/csw/etc/openldap/schema/core.schema
include /opt/csw/etc/openldap/schema/cosine.schema
include /opt/csw/etc/openldap/schema/inetorgperson.schema
include /opt/csw/etc/openldap/schema/solaris.schema
include /opt/csw/etc/openldap/schema/nis.schema
include /opt/csw/etc/openldap/schema/solaris-nis.schema
#include /usr/local/etc/openldap/schema/DUAConfigProfile.sch ema
## solaris.schema provides nisDomainObject, which is absent from nis.schema
# example will NOT work:
# allow bind_v2
# allow bind_anon_dn
# The second entry (bind_anon_dn) overrides the first
# one (bind_v2) since they are in separate lines.
# The line below WILL work.
allow bind_v2 bind_anon_dn
# ACL directives
access to attrs=123456
by self write
by * auth
access to dn.base=""
by * read
access to dn.base="cn=Subschema" by * read
# Change ?anonymous auth? to ?anonymous read? or ?anonymous none? depending on your need
access to dn.subtree="ou=People,dc=test,dc=test"
by self write
by dn="cn=proxyagent,ou=profile,dc=test,dc=test& quot; read
by users read
by anonymous auth
access to *
by self write
by * read
# DB directives
database bdb
suffix "dc=test,dc=test"
rootdn "cn=Manager,dc=test,dc=test"
rootpw 123456
#rootpw {MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ==
directory /opt/csw/var/openldap-data/
index objectClass,uid,uidNumber,gidNumber,ou eq
index cn,mail,surname,givenname eq,subinitial
#index memberUid eq
#index nisDomain eq
#index uniqueMember pres
# Performance tuning directives
sizelimit 5000
threads 8
idletimeout 14400
cachesize 10000
checkpoint 256 15
TLSCipherSuite HIGH:MEDIUM:+TLSv1:+SSLv2:+SSLv3
TLSCACertificateFile /usr/local/etc/openldap/cacert.pem
TLSCertificateFile /usr/local/etc/openldap/slapd-cert-ldap1.pem
TLSCertificateKeyFile /usr/local/etc/openldap/slapd-key-ldap1.pem
# Use the following if client authentication is required
#TLSVerifyClient demand
# ... or not desired at all
#TLSVerifyClient never
password-hash 123456

EricTRA 02-15-2011 01:24 AM
Hello,

Is this a question or a howto you're sharing? If it's the latter, then thanks for sharing :) If it's the first, have a look at Google, it comes up with step by step guides like this one.

Kind regards,

Eric

kashifazizawan 02-15-2011 03:39 AM
this is a question/ not a how-to...
i see the link you mention above.
thnx for:

but dont want to build and install, i need conf files editing etc...

EricTRA 02-15-2011 03:52 AM
Hello,

If you have a good look at the site I pointed to, you'll see that all the configuration files and scripts used are listed with their contents, ready for you to copy/paste and edit according to your needs.

Kind regards,

Eric


All times are GMT -5. The time now is 04:57 AM.