I don't have either one of them working right now. We're doing it
sort-of by hand, and may be supporting MacOS as well if it works.
Not just different, but actually incompatible with RFC 2307? Thanks
for the warning. Hopefully we're doing a sufficiently limited set of
stuff that we can dodge whatever problems there are. We'll see.
On Jan 26, 2007, at 11:50 AM, Howard Chu wrote:
Henry B. Hotz wrote:
I just started working on this for Redhat. Any gotcha's? Does
RedHat have ldap cacheing the way Solaris does?
Solaris is next. I would think you could use ldapclient to get
ldap and cacheing configured. Then put ldap in as a source in /
etc/ nsswitch.conf for whatever's appropriate. Then put pam_krb5
in the relevant pam chains. I think there may be an account chain
that should have pam_ldap instead of pam_krb5.
Do yourself a favor and don't use Solaris ldapclient for anything.
Not if you already have Linux systems working with LDAP on your
network; the Solaris schema is incompatible with RFC2307 and just
about anything else. Jettison all their junk and install the PADL
stuff so that you'll get consistent identical behavior across Linux
and Solaris.
Simple in theory. ;-)
On Dec 28, 2006, at 3:43 AM, Kent Nasveschuk wrote:
Hello,
Is there anyone using Heimdal Kerberos/LDAP for Solaris 10
clients? I've
struggled through getting Fedora and RedHat to work with this but
I'm
having problems Solaris.
LDAP version 2.3.27
Heimdal 0.7.2
Thanks.
Kent N
------------------------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
[EMAIL PROTECTED], or [EMAIL PROTECTED]