On 23 Mar 2010, at 15:09, Nick wrote: > Aha! Setting the proxyDN and proxyPassword did, indeed, help. I guess I may > open a bug for this one - those parameters should not be required when > credentialLevel=anonymous.
It has been broken like that since Solaris 10 (and perhaps the backported ldapclient used by Solaris 8). I believe there's some work going on to replace ldapclient; hopefully it won't preserve that particular bug :-) > Now I just need to get TLS working...does anyone know off the top of their > heads if ldapclient in Opensolaris (build 134) requires cert7 or cert8 DBs? cert7.db, I think. At least that's what 'man ldapsearch' says it uses, and the requirement seems to come from the shared libsldap used by ldapsearch and ldapclient. Are there any tools to manipulate cert7.db files in OS? Cheers, Chris
