[SunHELP] help on LDAP authentication on Solaris 8

Low, Adam sunhelp at sunhelp.org
Thu Jun 14 06:06:29 CDT 2001 

Hi Clarte,

Argh, ok it also depends on which LDAP/PAM module you are using as well, there are some security issues with the Sun version (http://www.ldapguru.com/article.php?sid=16) and I would strongly suggest you try using PADL.com's LDAP/PAM modules available at: http://www.padl.com/pam_ldap.html and its supposed to have out of the box support for iDS.

Cheers,
Adam

> -----Original Message-----
> From: Clarte Everett [mailto:clarte.everett at sun.co.id]
> Sent: 14 June 2001 12:46
> To: sunhelp at sunhelp.org
> Subject: [SunHELP] help on LDAP authentication on Solaris 8
> 
> 
> Oh. ok... Thanks guys for replying.
> But it seems that still i cannot make it work.
> Maybe i didn't mention specific enough question about this.
> Here's the situation:
> 1. i already installed solaris 8 01/01 edition on E220R machine.The
> machine is already up and running.
> 2. I have installed the iPlanet Directory Server 4.12, and same as the
> OS, the iDS is already up and running.
> 3. Beside that, i installed iPlanet Messaging Server 5.0, as you may
> already know, iMS uses the iDS for its directory profile.
> 4. Now, i have a sunray server running on different machine, which is
> E220R also and runs solaris 8 01/01 too.
> Right now, i have two user profiles, one is on the iDS, and 
> the other is
> on unix machine (sunray server).
> Both of the user profiles have the same data. Not to mention, i have
> NT box, i have to duplicate the user profile on NT box too.
> This situation gives me a headache. I want to have unified user
> management.
> 
> The question:
> I want to make my sunray server authenticate using the LDAP 
> on different
> machine that runs iPlanet Directory Server.
> How to do that? Let me tell you what i have done:
> 1. i have editted the pam.conf file (but i wasn't sure i have done
> correctly), i added modules for ldap here.
> 2. i have editted the /etc/nsswitch.conf file, add LDAP to passwd,
> group, and host section
> And then I missed something here, where is the file that contains
> information about ldap server?
> Do i have to use openLDAP instead of using iPlanet Directory Server?
> Just like Adam did in the previous message?
> But It's okay if i have to use openLDAP.
> 
> Thanks a lot guys. =)
> 
> rgds,
> cla
> 
> 
> From: "Low, Adam" <ALow at Prioritytelecom.com>
> To: "'sunhelp at sunhelp.org'" <sunhelp at sunhelp.org>
> Subject: RE: [SunHELP] help on LDAP authentication on Solaris 8
> Date: Wed, 13 Jun 2001 17:47:53 +0200
> Reply-To: sunhelp at sunhelp.org
> 
> There's also a complete set of documentation available on the iPlanet
> website (http://www.iplanet.com/)
> 
> I would recommend, unless you really need the iPlanet 
> schema's (i.e. you
> use iPlanet messenging server, etc.)
> that use OpenLDAP instead, I had many problems with the iPlanet LDAP
> server that resulted in my installing
> OpenLDAP and porting the schema's across.
> 
> The main file name is slapd.conf and is usually placed:
> /usr/iplanet/server5/slapd-hostname/config/
> 
> Adam
> 
> > -----Original Message-----
> > From: Miroszlav Moricz [mailto:moriczm at excite.com]
> > Sent: 13 June 2001 16:58
> > To: sunhelp at sunhelp.org
> > Subject: Re: [SunHELP] help on LDAP authentication on Solaris 8
> >
> >
> > Hi!
> >
> > Here's a README file which will help you to setup iPlanet
> > Directory Server!
> >
> > Bye, Miroszlav.
> >
> >
> > On Wed, 30 May 2001 22:35:12 +0700, sunhelp at sunhelp.org wrote:
> >
> > >  Greetings,
> > >
> > >  I'm trying to configure all my solaris machine to
> > authenticate using
> > >  LDAP instead of NIS (with or without +) or file on each servers.
> > >  Btw, I'm using iPlanet Directory Server.
> > >  So, where do i have to start to configure that?
> > >  where is the configuration file? i cannot find it
> > anywhere, or it seems
> > >  i don't know what the file name is.
> > >  Can you help me out here?
> > >
> > >  Thanks in advance.
> 
> 
> _______________________________________________
> SunHELP maillist  -  SunHELP at sunhelp.org
> http://www.sunhelp.org/mailman/listinfo/sunhelp
>

More information about the SunHELP mailing list