I have configured Solaris to use ldap users.
The ldap server is Samba4 DC, the client is Solaris 11.4.
I have "join" the server with this command
Code:
ldapclient manual \
-a credentialLevel=proxy \
-a authenticationMethod=sasl/gssapi \
-a proxyDN=cn=proxyldap,cn=Users,dc=mydom,dc=priv \
-a proxyPassword=******* \
-a defaultSearchBase=dc=mydom,dc=priv \
-a debugLevel=6 \
-a domainName=mydom.priv \
-a "defaultServerList=10.3.0.4" \
-a attributeMap=group:userpassword=unixUserPassword\
-a attributeMap=group:gidnumber=gidNumber \
-a attributeMap=passwd:cn=cn \
-a attributeMap=passwd:gidnumber=gidNumber \
-a attributeMap=passwd:uidnumber=uidNumber \
-a attributeMap=passwd:homedirectory=homeDirectory \
-a attributeMap=passwd:loginshell=loginShell \
-a attributeMap=shadow:userpassword=unixUserPassword \
-a objectClassMap=group:posixGroup=group \
-a objectClassMap=passwd:posixAccount=user \
-a serviceSearchDescriptor=passwd:dc=mydom,dc=priv?sub \
-a serviceSearchDescriptor=group:dc=mydom,dc=priv?sub
Configure return OK
finger works, searching for user "pino" on Solaris
Code:
finger pino
Login name: pino In real life: pino
Directory: /home/pino Shell: /bin/bash
Never logged in.
No unread mail
No Plan.
ldaplist return error!
Code:
ldaplist passwd
ldaplist: libsldap.so.1 internal error
ldaplist -a sasl/GSSAPI passwd
ldaplist: (standalone auth error)
Configuration syntax error: Unable to set parameter from a client in __ns_ldap_setParam()
getent passwd works...at 50%
Code:
getent passwd |grep pino
pino:x:3000014:100:pino:/home/pino:/bin/bash
getent passwd pino
id doesn't work
Code:
id pino
id: invalid user name: "pino"
What I miss?