This is a mapping issue, I am very close. Even though I have specified a base of "o=stmarys" (our unusual LDAP base), the ldap client is looking in "ou=people,o=stmarys", i.e. prepending ou=people, this is not in my config. So I am very close, I think the right serviceSearchDescriptorparameter can be found:
Snoop of ldap query: LDAP: ----- Lightweight Directory Access Protocol Header ----- LDAP: *[LDAPMessage] LDAP: [Message ID] LDAP: Operation *[APPL 3: Search Request] LDAP: [Base Object] LDAP: ou=people,o=stmarys LDAP: [Scope] LDAP: singleLevel ldap_client_file: NS_LDAP_FILE_VERSION= 2.0 NS_LDAP_SERVERS= 149.137.1.130 NS_LDAP_SEARCH_BASEDN= ou=CATS,o=stmarys NS_LDAP_AUTH= simple NS_LDAP_CACHETTL= 0 NS_LDAP_CREDENTIAL_LEVEL= proxy NS_LDAP_ATTRIBUTEMAP= shadow:userpassword=userPassword NS_LDAP_ATTRIBUTEMAP= shadow:shadowflag=shadowFlag NS_LDAP_ATTRIBUTEMAP= passwd:loginshell=loginShell NS_LDAP_ATTRIBUTEMAP= passwd:homedirectory=unixHomeDirectory NS_LDAP_ATTRIBUTEMAP= passwd:uidnumber=uidNumber NS_LDAP_ATTRIBUTEMAP= passwd:gidnumber=gidNumber NS_LDAP_ATTRIBUTEMAP= passwd:gecos=cn NS_LDAP_ATTRIBUTEMAP= group:gidnumber=gidNumber NS_LDAP_ATTRIBUTEMAP= group:memberuid=memberUid NS_LDAP_ATTRIBUTEMAP= group:userpassword=userPassword NS_LDAP_OBJECTCLASSMAP= shadow:shadowAccount=person NS_LDAP_OBJECTCLASSMAP= passwd:posixAccount=person -- This message posted from opensolaris.org _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
