Hi everyone,

I just installed 389-ds on Fedora and have a problem with Solaris clients.

Everything works well on the Linux side (Fedora, CentOS and RHEL clients
work fine).

On the Solaris side, I got everything to work too (pam, ssh, getent passwd,
getent group, ldaplist -l passwd, ldaplist -l group, etc). I used the native
Solaris ldapclient tool to make everything work.

The problem I have is with the Group attribute. In 389-ds, the groups are
created with the objectClass "groupofuniquenames" and the members are
listed with the attribute "uniqueMember". I manually add the objectClass
"posixgroup" to allow the group to be visible on the client.

With this configuration, everything works fine in Linux. In Solaris, I can
see the group with "getent group" but there are no members. What I have
found is that Solaris needs its members to be in the "memberUid" attribute
and not in the "uniqueMember" attribute.

Also, I found that while uniqueMember requires a full qualification
(uid=jeff,ou=people,dc=test,dc=com), the memberUid just requires the uid
(jeff).


What should I do to make this work easily on Solaris? Adding the memberUid by
hand is not an option because it's sure there will be a difference between
the uniqueMember and memberUid lists at some point in time.


Thank you!

-- 
Jean-Francois Saucier (djf_jeff)
GPG key : 0xA9E6E953
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
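
The uniqueMember-to-memberUid mapping described in the message above, as an added example that is not part of the original post or of 389-ds: Python that derives the bare uid from each uniqueMember DN, reports drift against memberUid, and emits an LDIF modify to reconcile it. The sample group, the function names and the assumption that each member DN has a single-valued leftmost RDN are constructed for illustration.

```python
import re

# Constructed sample group (not from the original post), shaped as the post describes.
SAMPLE_GROUP = {
    "dn": "cn=admins,ou=groups,dc=test,dc=com",
    "uniqueMember": [
        "uid=jeff,ou=people,dc=test,dc=com",
        "UID=anna,ou=People,dc=test,dc=com",          # attribute names are case-insensitive
        r"uid=smith\, bob,ou=people,dc=test,dc=com",  # escaped comma inside the value
        "cn=nested,ou=groups,dc=test,dc=com",         # no uid RDN: cannot be mapped
    ],
    "memberUid": ["jeff", "olduser"],
}

def first_rdn(dn):
    """Return (attr, value) of the leftmost RDN, honouring backslash escapes."""
    rdn = re.match(r"((?:\\.|[^,\\])*)", dn).group(1)  # stop at first unescaped comma
    attr, _, value = rdn.partition("=")
    unescape = lambda m: chr(int(m.group(1), 16)) if len(m.group(1)) == 2 else m.group(1)
    value = re.sub(r"\\([0-9a-fA-F]{2}|.)", unescape, value.strip())  # ASCII escapes only
    return attr.strip().lower(), value

def plan_member_uid(group):
    """Compare memberUid with the uids derived from the uniqueMember DNs."""
    derived, unmapped = set(), []
    for dn in group.get("uniqueMember", []):
        attr, value = first_rdn(dn)
        if attr == "uid" and value:
            derived.add(value)
        else:
            unmapped.append(dn)  # report instead of guessing a login name
    current = set(group.get("memberUid", []))
    return {"add": sorted(derived - current),
            "delete": sorted(current - derived), "unmapped": unmapped}

def to_ldif(group, plan):
    """Render the plan as an LDIF modify record; empty string when in sync."""
    if not (plan["add"] or plan["delete"]):
        return ""
    lines = [f"dn: {group['dn']}", "changetype: modify"]
    for op in ("add", "delete"):
        if plan[op]:
            lines += [f"{op}: memberUid"] + [f"memberUid: {u}" for u in plan[op]] + ["-"]
    return "\n".join(lines)

if __name__ == "__main__":
    print(to_ldif(SAMPLE_GROUP, plan_member_uid(SAMPLE_GROUP)))
```

The "delete" list matters as much as "add": a memberUid left behind after its uniqueMember is removed keeps granting group access on clients that read memberUid.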
