we have profiles defined inside our OpenLDAP that make this easier to support on machines ...

dn: ou=profile,dc=myorg,dc=com
objectClass: top
objectClass: organizationalUnit
ou: profile

dn: cn=default,ou=profile,dc=myorg,dc=com
objectClass: top
objectClass: DUAConfigProfile
defaultSearchBase: dc=myorg,dc=com
cn: default
credentialLevel: proxy
objectclassMap: automount:automountMap=nisMap
objectclassMap: automount:automount=nisObject
attributeMap: automount:automountMapName=nisMapName
attributeMap: automount:automountInformation=nisMapEntry
attributeMap: automount:automountKey=cn
defaultServerList: <my server list>
authenticationMethod: simple
serviceSearchDescriptor: auto_home:nisMapName=auto_home,dc=myorg,dc=com
profileTTL: 43200

then we run:

ldapclient init -v -a profileName=default \
-a domainname=myorg.com \
-a proxyDN=cn=proxyadmin,ou=People,dc=myorg,dc=com \
-a proxyPassword=<proxy secret> \
<main server>

and that gets us up and running.

what schema do you have added to your slapd.conf?

Jon

On 29 January 2014 04:52, Randall Svancara <rsvanc...@wsu.edu> wrote:
> I will take a stab at this list...who knows I may get lucky.
>
> I am attempting to configure LDAP authentication for OpenIndiana...some
> recent version.
>
> I am using manual configuration for the ldap client tool:
>
> #!/bin/bash
> ldapclient manual \
> -a credentialLevel=proxy \
> -a authenticationMethod=simple \
> -a defaultSearchBase=dc=tldhost,dc=wsu,dc=edu \
> -a defaultSearchScope=sub \
> -a domainName=storage.local \
> -a defaultServerList=mgt.local \
> -a proxyDN=cn=superadmin,dc=tldhost,dc=wsu,dc=edu \
> -a proxyPassword=XXXXXXXXXXXXXXXXX \
> -a attributeMap=group:gidnumber=gidNumber \
> -a attributeMap=passwd:gidnumber=gidNumber \
> -a attributeMap=passwd:uidnumber=uidNumber \
> -a attributeMap=passwd:homedirectory=homeDirectory \
> -a attributeMap=passwd:loginshell=loginShell \
> -a attributeMap=shadow:userpassword=userPassword \
> -a objectClassMap=group:posixGroup=posixgroup \
> -a objectClassMap=passwd:posixAccount=posixaccount \
> -a objectClassMap=shadow:shadowAccount=posixaccount \
> -a serviceSearchDescriptor=passwd:ou=users,dc=tldhost,dc=wsu,dc=edu \
> -a serviceSearchDescriptor=group:ou=groups,dc=tldhost,dc=wsu,dc=edu \
> -a serviceSearchDescriptor=shadow:ou=users,dc=tldhost,dc=wsu,dc=edu
>
> When I try to run
>
> ldaplist -vvv password
> +++ database=password
> +++ filter=objectclass=posixaccount
> +++ template for merging SSD filter=%s
> ldaplist: Object not found (LDAP ERROR (32): No such object.)
>
> I have these objects in the LDAP database? Any ideas?
>
> I can take the filter and plug it directly into ldapsearch and I can
> return results.
>
> Thanks,
>
> Randall
>
> On 01/28/2014 06:30 PM, Randall Svancara wrote:
>
>> Hi,
>>
>> Is this the correct list to ask questions like how to configure LDAP
>> authentication?
>>
>> Thanks,
>>
>> Randall
>>
>> _______________________________________________
>> OpenIndiana-discuss mailing list
>> OpenIndiana-discuss@openindiana.org
>> http://openindiana.org/mailman/listinfo/openindiana-discuss