[OpenIndiana-discuss] New to OpenIndian
Jonathan Adams
t12nslookup at gmail.com
Wed Jan 29 09:53:04 UTC 2014
we have profiles defined inside our OpenLDAP that make this easier to
support on machines ...
dn: ou=profile,dc=myorg,dc=com
objectClass: top
objectClass: organizationalUnit
ou: profile
dn: cn=default,ou=profile,dc=myorg,dc=com
objectClass: top
objectClass: DUAConfigProfile
defaultSearchBase: dc=myorg,dc=com
cn: default
credentialLevel: proxy
objectclassMap: automount:automountMap=nisMap
objectclassMap: automount:automount=nisObject
attributeMap: automount:automountMapName=nisMapName
attributeMap: automount:automountInformation=nisMapEntry
attributeMap: automount:automountKey=cn
defaultServerList: <my server list>
authenticationMethod: simple
serviceSearchDescriptor: auto_home:nisMapName=auto_home,dc=myorg,dc=com
profileTTL: 43200
the we run:
ldapclient init -v -a profileName=default \
-a domainname=myorg.com \
-a proxyDN=cn=proxyadmin,ou=People,dc=myorg,dc=com \
-a proxyPassword=<proxy secret> \
<main server>
and that gets us up and running.
what schema do you have added to your slapd.conf?
Jon
On 29 January 2014 04:52, Randall Svancara <rsvancara at wsu.edu> wrote:
> I will take a stab at this list...who knows I may get lucky.
>
> I am attempting to configure LDAP authentication for OpenIndiana...some
> recent version.
>
> I am using manual configuration for the ldap client tool:
>
> #!/bin/bash
> ldapclient manual \
> -a credentialLevel=proxy \
> -a authenticationMethod=simple \
> -a defaultSearchBase=dc=tldhost,dc=wsu,dc=edu \
> -a defaultSearchScope=sub \
> -a domainName=storage.local \
> -a defaultServerList=mgt.local \
> -a proxyDN=cn=superadmin,dc=tldhost,dc=wsu,dc=edu \
> -a proxyPassword=XXXXXXXXXXXXXXXXX \
> -a attributeMap=group:gidnumber=gidNumber \
> -a attributeMap=passwd:gidnumber=gidNumber \
> -a attributeMap=passwd:uidnumber=uidNumber \
> -a attributeMap=passwd:homedirectory=homeDirectory \
> -a attributeMap=passwd:loginshell=loginShell \
> -a attributeMap=shadow:userpassword=userPassword \
> -a objectClassMap=group:posixGroup=posixgroup \
> -a objectClassMap=passwd:posixAccount=posixaccount \
> -a objectClassMap=shadow:shadowAccount=posixaccount \
> -a serviceSearchDescriptor=passwd:ou=users,dc=tldhost,dc=wsu,dc=edu \
> -a serviceSearchDescriptor=group:ou=groups,dc=tldhost,dc=wsu,dc=edu \
> -a serviceSearchDescriptor=shadow:ou=users,dc=tldhost,dc=wsu,dc=edu
>
> When I try to run
>
> ldaplist -vvv password
> +++ database=password
> +++ filter=objectclass=posixaccount
> +++ template for merging SSD filter=%s
> ldaplist: Object not found (LDAP ERROR (32): No such object.)
>
> I have these objects in the LDAP database? Any ideas?
>
> I can take the filter and plug it directly into ldapsearch and I can
> return results.
>
> Thanks,
>
> Randall
>
>
>
>
> On 01/28/2014 06:30 PM, Randall Svancara wrote:
>
>> Hi,
>>
>> Is this the correct list to ask questions like how to configure LDAP
>> authentication?
>>
>> Thanks,
>>
>> Randall
>>
>> _______________________________________________
>> OpenIndiana-discuss mailing list
>> OpenIndiana-discuss at openindiana.org
>> http://openindiana.org/mailman/listinfo/openindiana-discuss
>>
>
>
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>
More information about the OpenIndiana-discuss
mailing list