Hi,

I found various appliances to require some specifications in terms of a LDAP 
filter to what to
look for.

E.g. for looking up a user in IPA will be 
(&(objectclass=person)(uid=username)). For AD the
similar search can be specified such as 
(&(sAMAccountName=l0290061)(objectclass=person))'. If you
have an option to choose LDAP or AD, the AD option would probably have a 
similar LDAP filter
already set, while the LDAP option allows you to create your own filter that 
suites your LDAP
server.

Also making sure you have specified the correct base DN, and making sure that 
the appliance will
search all sub CN's or OU's if required. With IPA: 
cn=users,cn=accounts,<SUFFIX> works for my
Solaris clients.

Making sure you bind with a user account if you have disabled anonymous access 
to your LDAP server.

These are the most common issues I've come across for configuring appliances to 
use LDAP.



Regards,
Siggi


On Mon, December 5, 2011 01:15, Steven Jones wrote:
> Hi,
>
>
> Maybe you do, I just didnt see it.....I will ask what the bluecoat and 
> bluearc do.
>
>
> regards
>
> Steven Jones
>
>
> Technical Specialist - Linux RHCE
>
>
> Victoria University, Wellington, NZ
>
>
> 0064 4 463 6272
>
>
> ________________________________________
> From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on 
> behalf of Dmitri Pal
> [d...@redhat.com]
> Sent: Monday, 5 December 2011 1:05 p.m.
> To: freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] Solaris 10 as IPA Client?
>
>
> On 12/04/2011 02:39 PM, Steven Jones wrote:
>
>> 8><-----------
>>
>>
>> Also Solaris assumes 2307 schema AFAIR and IPA is 2307bis.
>> So you need to enable compat tree on ipa side and point your Solaris
>> nss_ldap to the compat tree.
>>
>> 8><----------
>>
>>
>> We have a Sun solar storage SAN.....uses Solaris I cant get it to 
>> work....maybe that's what I
>> need to do to get them to talk....how to I enable "compat tree"?
>
>
> # ipa-compat-manage enable
>
>
>
> I checked the docs.  I was surprised we do not mention that Solaris is 2307.
> I will rise a bug.
>
>
>
>
>> Also would other hardware vendors be similar?  Im trying to get a bluecoat 
>> proxy server to talk
>> to IPA and it cant....
>>
>> regards
>>
>> Steven Jones
>>
>>
>> Technical Specialist - Linux RHCE
>>
>>
>> Victoria University, Wellington, NZ
>>
>>
>> 0064 4 463 6272
>>
>>
>> ________________________________________
>>
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>
>>
>>
>
>
> --
> Thank you,
> Dmitri Pal
>
>
> Sr. Engineering Manager IPA project,
> Red Hat Inc.
>
>
>
> -------------------------------
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to