Solaris LDAP client with Tivoli Directory on AIX
807559 Jun 11 2008 — edited Jun 11 2008
Hi,
I have Tivoli Directory Server running on an AIX system.
I have a Solaris 10 system and need to configure Solaris to do LDAP auth with the Tivoli Directory Server.
Here is how my TDS looks
o=abc
------ou=unixusers
---------cn=user1
---------cn=user2
etc
I have configured the Solaris ldapclient as
Enable LDAP Client
bash-3.00# svcs -l network/ldap/client:default
fmri svc:/network/ldap/client:default
name LDAP client
enabled true
state offline
next_state none
state_time Wed Jun 11 14:53:57 2008
restarter svc:/system/svc/restarter:default
dependency require_all/none svc:/system/filesystem/minimal (online)
dependency require_all/none svc:/network/initial (online)
dependency require_all/none file://localhost/var/ldap/ldap_client_file (absent)
bash-3.00# ldapclient manual -a authenticationMethod=none -a defaultSearchBase=o=abc -a defaultSearchScope=sub -a defaultServerList=192.168.112.87:1389
System successfully configured
bash-3.00# ldaplist
dn: o=abc
dn: ou=unixusers,o=abc
dn: cn=user1,ou=unixusers,o=abc
dn: cn=user2,ou=unixusers,o=abc
dn: cn=user3,ou=unixusers,o=abc
etc
bash-3.00# ldapclient list
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= cn=root
NS_LDAP_BINDPASSWD= {NS1}ecfa88f3a9bfc411
NS_LDAP_SERVERS= 192.168.112.87:1389
NS_LDAP_SEARCH_BASEDN= o=ABC
NS_LDAP_AUTH= simple
NS_LDAP_SEARCH_SCOPE= sub
NS_LDAP_CACHETTL= 0
BUT
bash-3.00# ldaplist -l passwd user1
ldaplist: Object not found
ldapaddent -d -cpv -b "ou=unixusers,o=abc" -D cn=root -w pass123 -f /etc/passwd passwd
Gives error
SERVICE = passwd
Container passwd does not exist
I'm not sure what I am doing wrong.
Do I need to configure pam.conf or pam_ldap on Solaris? Are there any other configurations that I'm missing? I'm new to the Solaris environment.
I am using http://docs.sun.com/app/docs/doc/816-4556/clientsetup-1?a=view as my reference.
Any help is great help.
Thanks !
Harsh