*,

I have tried to get Solaris 10 to be an LDAP client of our OpenLDAP server, but I keep meeting failure.

I followed the steps from this page: http://docs.lucidinteractive.ca/index.php/Solaris_LDAP_client_with_OpenLDAP_server using the manual method from ldapclient, thus I *did not* apply any patches to the slapd server. I can anonymously bind to the LDAP server only when manually specifying the parameters for 'ldapsearch.' When I issue an 'id <ldapuser>' from the Solaris box, it successfully binds to the LDAP server and the response sent is "No Such Object" from the OpenLDAP server after a successful bind.

Starting slapd with:

#slapd -d 0x100 -g openldap -u openldap
(0x100 = debug-output the connections, operations and results)

shows the following output for a successful 'id <ldapuser>' command from one of the Linux hosts that uses the OpenLDAP client:

--------------------------8< <snip>--------------------------
conn=147 fd=13 ACCEPT from IP=xxx.xxx.xxx.xxx:35065 (IP=0.0.0.0:389)
conn=147 op=0 BIND dn="" method=128
conn=147 op=0 RESULT tag=97 err=0 text=
conn=147 op=1 SRCH base="dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>" scope=2 deref=0 filter="(&(objectClass=nisNetgroup)(cn=admin))"
conn=147 op=1 SRCH attr=cn nisNetgroupTriple memberNisNetgroup
conn=147 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
conn=147 op=2 SRCH base="dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>" scope=2 deref=0 filter="(&(objectClass=nisNetgroup)(cn=desktop))"
conn=147 op=2 SRCH attr=cn nisNetgroupTriple memberNisNetgroup
conn=147 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
conn=147 op=3 SRCH base="dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=<ldapuser>))"
conn=147 op=3 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
<= bdb_equality_candidates: (uid) index_param failed (18)
conn=147 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=147 op=4 SRCH base="dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uidNumber=10235))"
conn=147 op=4 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
<= bdb_equality_candidates: (uidNumber) index_param failed (18)
conn=147 op=4 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=147 op=5 SRCH base="dc=<ldapbase1>,dc=,<ldapbase2>dc=<ldapbase3>" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=<ldapuser>))"
<= bdb_equality_candidates: (uid) index_param failed (18)
conn=147 op=5 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=147 op=6 SRCH base="dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>" scope=2 deref=0 filter="(&(objectClass=posixGroup)(|(memberUid=<ldapuser>)(uniqueMember=uid=<ldapuser>,ou=users,dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>)))"
conn=147 op=6 SRCH attr=gidNumber
<= bdb_equality_candidates: (memberUid) index_param failed (18)
<= bdb_equality_candidates: (uniqueMember) index_param failed (18)
conn=147 op=6 SEARCH RESULT tag=101 err=0 nentries=0 text=
conn=147 op=7 SRCH base="dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=<ldapuser>))"
<= bdb_equality_candidates: (uid) index_param failed (18)
conn=147 op=7 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=147 op=8 SRCH base="dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>" scope=2 deref=0 filter="(&(objectClass=posixGroup)(|(memberUid=<ldapuser>)(uniqueMember=uid=<ldapuser>,ou=users,dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>)))"
conn=147 op=8 SRCH attr=gidNumber
<= bdb_equality_candidates: (memberUid) index_param failed (18)
<= bdb_equality_candidates: (uniqueMember) index_param failed (18)
conn=147 op=8 SEARCH RESULT tag=101 err=0 nentries=0 text=
conn=147 fd=13 closed (connection lost)
-----------------------8< </snip>--------------------------------------------------

While the same 'id <ldapuser>' command from the Solaris machine shows up like this:

-----------------------8< <snip>--------------------------------------------------
conn=277 fd=14 ACCEPT from IP=155.246.89.4:33083 (IP=0.0.0.0:389)
conn=277 op=0 SRCH base="ou=people,dc=<ldapbase1>,dc=<ldapbase2>,dc=<ldapbase3>" scope=2 deref=3 filter="(&(objectClass=posixAccount)(uid=<ldapuser>))"
conn=277 op=0 SRCH attr=cn uid uidnumber gidnumber gecos description homedirectory loginshell
conn=277 op=0 SEARCH RESULT tag=101 err=32 nentries=0 text=
-----------------------8< </snip>--------------------------------------------------

Obviously the Solaris is performing one search and getting one result while the OpenLDAP client is performing what looks to me to be eight searches (by counting the SEARCH RESULT instances).

Any useful pointers are greatly appreciated.

Thanks,
James Light
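An added example, not part of the original message: a small Python parser for slapd `-d 0x100` output that records, per connection, whether a BIND was logged and which search base, scope and deref each SRCH used, then lists the searches that ended with a non-zero result code such as err=32 (noSuchObject). The sample log is constructed in the format shown above; the DNs, addresses, the user `jdoe` and the function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the slapd "-d 0x100" format; DNs and IPs are placeholders.
SAMPLE_LOG = """\
conn=147 fd=13 ACCEPT from IP=192.0.2.10:35065 (IP=0.0.0.0:389)
conn=147 op=0 BIND dn="" method=128
conn=147 op=0 RESULT tag=97 err=0 text=
conn=147 op=1 SRCH base="dc=example,dc=org" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=jdoe))"
conn=147 op=1 SRCH attr=uid uidNumber gidNumber
<= bdb_equality_candidates: (uid) index_param failed (18)
conn=147 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=147 fd=13 closed (connection lost)
conn=277 fd=14 ACCEPT from IP=192.0.2.20:33083 (IP=0.0.0.0:389)
conn=277 op=0 SRCH base="ou=people,dc=example,dc=org" scope=2 deref=3 filter="(&(objectClass=posixAccount)(uid=jdoe))"
conn=277 op=0 SRCH attr=cn uid uidnumber
conn=277 op=0 SEARCH RESULT tag=101 err=32 nentries=0 text=
"""

LINE = re.compile(r'^conn=(\d+) (?:op=(\d+) )?(.*)$')
SRCH = re.compile(r'^SRCH base="([^"]*)" scope=(\d) deref=(\d) filter="(.*)"$')
RESULT = re.compile(r'^SEARCH RESULT tag=101 err=(\d+) nentries=(\d+)')

def summarize(log_text):
    """Group slapd stats lines by connection id."""
    conns = defaultdict(lambda: {"peer": None, "bind_seen": False, "searches": {}})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # index notes such as "<= bdb_equality_candidates"
        conn, op, rest = int(m.group(1)), m.group(2), m.group(3)
        c = conns[conn]
        if "ACCEPT from IP=" in rest:
            c["peer"] = rest.split("ACCEPT from IP=")[1].split()[0]
        elif rest.startswith("BIND "):
            c["bind_seen"] = True
        elif (s := SRCH.match(rest)):
            c["searches"][int(op)] = {"base": s.group(1), "scope": int(s.group(2)),
                                      "deref": int(s.group(3)), "filter": s.group(4),
                                      "err": None, "nentries": None}
        elif (r := RESULT.match(rest)) and int(op) in c["searches"]:
            c["searches"][int(op)].update(err=int(r.group(1)), nentries=int(r.group(2)))
    return dict(conns)

def failed_searches(conns):
    """Return (conn, peer, base, err) for every search with a non-zero result code."""
    return [(cid, c["peer"], s["base"], s["err"])
            for cid, c in sorted(conns.items())
            for _, s in sorted(c["searches"].items()) if s["err"]]

if __name__ == "__main__":
    for row in failed_searches(summarize(SAMPLE_LOG)):
        print("conn=%d peer=%s base=%r err=%d" % row)
```

Comparing the `base`, `deref` and `bind_seen` fields of a working and a failing connection side by side shows where the two clients' requests differ before the server answers.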
