Andy Singleton wrote:
Hi rob,

Glad you caught up with this problem.

The nsswitch.conf is set up as per the install document. So:
 passwd:     files ldap[NOTFOUND=return]
 group:    files ldap[NOTFOUND=return]

The system uses the standard solaris nss_ldap package.

Ok, can you see if you can get a specific user and group:

getent passwd admin
getent group ipausers

rob


Cheers
Andy

----- Original Message -----
From: Rob Crittenden <rcrit...@redhat.com>
To: Andy Singleton
Cc: freeipa-users@redhat.com <freeipa-users@redhat.com>
Sent: Tue Feb 02 21:01:33 2010
Subject: Re: [Freeipa-users] Installing IPA on Solaris 10

Andy Singleton wrote:
 > Hi guys,
 >
> >
 > I am installing IPA 1.2.2 client installation on one of our Solaris
 > servers, and I cant seem to get the system to see the IPA users. “getent
 > passwd” only returns local users, and no traffic is leaving the client
 > for the IPA server for ldap.
 >
> >
 > I have followed the instructions from the documentation, but I
 > definitely get the feeling that something is missing.
 >
 > All the various configuration files are populated, and the Kerberos
 > portion works correctly because I can obtain a ticket.
 >
 > So possibly there is a problem with the nss_ldap part, or the ldap.conf
 > itself.
 >
> > > Does anyone know common problems that might have this result on Solaris 10?
 >
> >
 > For reference, here is the /etc/ldap.conf file:
 >
> >
 > ldap_version 3
 >
 > base cn=compat,dc=live,dc=tipp24,dc=net
 >
 > nss_base_passwd cn=users,cn=compat,dc=live,dc=tipp24,dc=net?sub
 >
 > nss_base_group cn=groups,cn=compat,dc=live,dc=tipp24,dc=net?sub
 >
 > nss_schema rfc2307bis
 >
 > nss_map_objectclass shadowAccount posixAccount
 >
 > nss_map_attribute uniqueMember member
 >
 > nss_initgroups_ignoreusers root,dirsrv,oracle
 >
 > nss_reconnect_maxsleeptime 8
 >
 > nss_reconnect_sleeptime 1
 >
 > bind_timelimit 2
 >
 > timelimit 4
 >
 > nss_srv_domain live.tipp24.net
 >
 > uri ldap://ipaserver1.live.tipp24.net ldap://ipaserver2.live.tipp24.net
 >
> >
 > Thanks
 >
 > Andy

Sorry, missed this one last week..

What does /etc/nsswitch.conf read? Is it configured to use ldap?

You might also try killing nscd in case it is interfering.

rob


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to