Hi, I found various appliances to require some specifications in terms of a LDAP filter to what to look for.
E.g. for looking up a user in IPA will be (&(objectclass=person)(uid=username)). For AD the similar search can be specified such as (&(sAMAccountName=l0290061)(objectclass=person))'. If you have an option to choose LDAP or AD, the AD option would probably have a similar LDAP filter already set, while the LDAP option allows you to create your own filter that suites your LDAP server. Also making sure you have specified the correct base DN, and making sure that the appliance will search all sub CN's or OU's if required. With IPA: cn=users,cn=accounts,<SUFFIX> works for my Solaris clients. Making sure you bind with a user account if you have disabled anonymous access to your LDAP server. These are the most common issues I've come across for configuring appliances to use LDAP. Regards, Siggi On Mon, December 5, 2011 01:15, Steven Jones wrote: > Hi, > > > Maybe you do, I just didnt see it.....I will ask what the bluecoat and > bluearc do. > > > regards > > Steven Jones > > > Technical Specialist - Linux RHCE > > > Victoria University, Wellington, NZ > > > 0064 4 463 6272 > > > ________________________________________ > From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on > behalf of Dmitri Pal > [d...@redhat.com] > Sent: Monday, 5 December 2011 1:05 p.m. > To: firstname.lastname@example.org > Subject: Re: [Freeipa-users] Solaris 10 as IPA Client? > > > On 12/04/2011 02:39 PM, Steven Jones wrote: > >> 8><----------- >> >> >> Also Solaris assumes 2307 schema AFAIR and IPA is 2307bis. >> So you need to enable compat tree on ipa side and point your Solaris >> nss_ldap to the compat tree. >> >> 8><---------- >> >> >> We have a Sun solar storage SAN.....uses Solaris I cant get it to >> work....maybe that's what I >> need to do to get them to talk....how to I enable "compat tree"? > > > # ipa-compat-manage enable > > > > I checked the docs. I was surprised we do not mention that Solaris is 2307. > I will rise a bug. > > > > >> Also would other hardware vendors be similar? Im trying to get a bluecoat >> proxy server to talk >> to IPA and it cant.... >> >> regards >> >> Steven Jones >> >> >> Technical Specialist - Linux RHCE >> >> >> Victoria University, Wellington, NZ >> >> >> 0064 4 463 6272 >> >> >> ________________________________________ >> >> >> _______________________________________________ >> Freeipa-users mailing list >> Freeipaemail@example.com >> https://www.redhat.com/mailman/listinfo/freeipa-users >> >> >> > > > -- > Thank you, > Dmitri Pal > > > Sr. Engineering Manager IPA project, > Red Hat Inc. > > > > ------------------------------- > Looking to carve out IT costs? > www.redhat.com/carveoutcosts/ > > > > _______________________________________________ > Freeipa-users mailing list > Freeipafirstname.lastname@example.org > https://www.redhat.com/mailman/listinfo/freeipa-users > > > _______________________________________________ > Freeipa-users mailing list > Freeipaemail@example.com > https://www.redhat.com/mailman/listinfo/freeipa-users > > _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users