I have applied your settings, restarted ldapclient and started SLAPD in
debug mode (-d 10) so I can monitor the console - but when I issue
"getent passwd administration", there is no change on the debug output,
and that means "getent" does not even attempt to connect to LDAP server ...

On Tue, 06 Mar 2012 21:17:09 +0200, Jonathan Adams <[email protected]> wrote:

my auth from my slapd.conf:

access to dn.base="" by * read
#
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
        by self         write
        by dn="cn=samba_admin,ou=People,dc=domain,dc=com"   read
        by anonymous    auth
        by *            none
#
access to *
        by *            read

my /var/ldap/ldap_client_file:

NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_SERVERS= 127.0.0.1
NS_LDAP_SEARCH_BASEDN= dc=domain,dc=com
NS_LDAP_AUTH= simple
NS_LDAP_CACHETTL= 43200
NS_LDAP_PROFILE= default
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_SERVICE_SEARCH_DESC= auto_home:nisMapName=auto_home,dc=domain,dc=com
NS_LDAP_ATTRIBUTEMAP= automount:automountKey=cn
NS_LDAP_ATTRIBUTEMAP= automount:automountInformation=nisMapEntry
NS_LDAP_ATTRIBUTEMAP= automount:automountMapName=nisMapName
NS_LDAP_OBJECTCLASSMAP= automount:automount=nisObject
NS_LDAP_OBJECTCLASSMAP= automount:automountMap=nisMap

I don't believe you will want any of the automount stuff, we use
profiles and I've changed the LDAP_SERVERS list so that it doesn't
have all 30 machines in it (we also have syncrepl enabled with chains
to replicas) :)

Not sure if the access stuff makes any difference.

You might want to change your bind auth to simple ...

You shouldn't need to put any users in your /etc/passwd.

Jon

_______________________________________________
OpenIndiana-discuss mailing list
[email protected]
http://openindiana.org/mailman/listinfo/openindiana-discuss
