This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
SolarisPAMAndLDAP
SolarisPAMAndLDAP

Version management

Difference between version and

At line 1 added 61 lines
The Solaris 9 OE implementation requires the use of profiles and the LDAP cache manager.
The old profile type is identified as:
{{{NS_LDAP_FILE_VERSION = 1.0}}}
The new profile type is:
{{{NS_LDAP_FILE_VERSION = 2.0}}}
The profile type is determined by whether the profile contains the DUAconfigProfile object class or the SolarisNamingProfile object class. Profiles containing the former class are considered version 2.0.
!New Automount Object Class
In the Solaris 8 OE implementation, automount maps were represented by the generic nisObject object class, which contained a key and an associated value. The Solaris 9 OE implementation introduces two new object classes to hold automap information: automount and automountMap.
The [Name Service Switch] search criteria in the [nsswitch.conf] for the auto_home and auto_master tables and maps is combined into one category, which is called automount.
!!!Troubleshooting Solaris 10 (and Probably Solaris 9)
!!Useful Commands
* ldaplist - search and list naming information from an LDAP directory using the configured profile. Performs a LDAP search to directory based on the in-use profile. May not be the same results as getent.!How To
See an entry within LDAP:
{{{
ldaplist -l passwd abdol
dn: uid=abdol,ou=int,ou=people,dc=nationwidedir,dc=poc
loginShell: /usr/bin/ksh
homeDirectory: /home/abdol
gecos: Abdol, Linda, 614-249-7111
gidNumber: 280
uidNumber: 52658
uid: abdol
givenName: Linda
sn: Abdo
objectClass: inetOrgPerson
objectClass: nwPersonInfo
objectClass: organizationalPerson
objectClass: Person
objectClass: ndsLoginProperties
objectClass: Top
objectClass: posixAccount
objectClass: shadowAccount
cn: ABDOL
}}}
or
{{{
scott:root> ldaplist passwd abdol
dn: uid=abdol,ou=int,ou=people,dc=nationwidedir,dc=poc
}}}
!Check how values are returned:
{{{
getent passwd abdol
abdol:x:52658:280:Abdol, Linda, 614-249-7111:/home/abdol:/usr/bin/ksh
}}}
or
{{{
getent group tty
tty::7:root,adm
}}}!Check the ldap client is running:
{{{svcs -l network/ldap/client:default}}}!!Notes
Note that Solaris "ldapclient" has a irritating act that it reset the "hosts:" entry to "hosts: files ldap", this should be adjusted back to "hosts: files dns", otherwise something like telnet/ftp/ssh will break on hostname lookup.!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop