Steven Jones wrote:


8><-----------

Also Solaris assumes 2307 schema AFAIR and IPA is 2307bis.
So you need to enable compat tree on ipa side and point your Solaris
nss_ldap to the compat tree.

8><----------

We have a Sun solar storage SAN.....uses Solaris I cant get it to work....maybe that's 
what I need to do to get them to talk....how to I enable "compat tree"?

Also would other hardware vendors be similar?  Im trying to get a bluecoat 
proxy server to talk to IPA and it cant....

compat is enabled by default, to double check run: ipa-compat-manage status

For authentication typically all you need is the basedn of users (cn=users,cn=accounts,dc=example,dc=com). For SSL you can get a copy of the CA cert from http://ipa.example.com/ipa/config/ca.crt.

The 389-ds access logs can be found in /var/log/dirsrv/slapd-YOURINSTANCE/access. These are buffered for up to 30 seconds. The error log by default tends to only log catastrophic problems. You can enable server debugging, details are in the FAQ in the 389-ds wiki.

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to