[Fedora-directory-users] RE: Solaris 10 central auth through FDS

Luke Bigum lbigum at iseek.com.au
Wed Mar 18 22:40:53 UTC 2009 

'nisDomain' is an attribute of the obectClass 'nisDomainObect', so first you'll want to (something like):

dn: dc=foobar,dc=com
changetype: modify
add: objectClass
objectClass: nisDomainObject

Luke Bigum
Systems Administrator
 (p) 1300 661 668
 (f)  1300 661 540
(e)  lbigum at iseek.com.au<mailto:lbigum at iseek.com.au>
http://www.iseek.com.au<http://www.iseek.com.au/>
Level 1, 100 Ipswich Road Woolloongabba QLD 4102

[cid:image001.jpg at 01C9A86E.6A1CA1A0]

This e-mail and any files transmitted with it may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorised to receive for the recipient), please contact the sender by reply e-mail and delete all copies of this message.


From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Aaron Mills
Sent: Thursday, 19 March 2009 6:03 AM
To: General discussion list for the Fedora Directory server project.
Subject: Re: [Fedora-directory-users] RE: Solaris 10 central auth through FDS

Thanks for the help - I'm following this doc a little more closely, but I'm stuck at the part where it says to add the nisDomain attribute type to the root node:
http://directory.fedoraproject.org/wiki/Howto:SolarisClient#Solaris_10_LDAP_Client

When I attempt to add the following:

dn: dc=foobar,dc=com
changetype: modify
add: nisdomain
nisdomain: foobar.com

I get the error: "additional info: attribute "nisDomain" not allowed"

I've double checked the object type of my domain and it's set to domain and top. Is there another value I need to modify? The solaris client keeps failing with this:

NOTFOUND:Could not find the nisDomainObject for DN dc=foobar, dc=com

    -Aaron




On 3/16/09 4:17 PM, "Luke Bigum" <lbigum at iseek.com.au> wrote:
Aaron, that's the documentation I followed, it should be correct. Make sure you take a note of the first point and modify the script. Here's my copy of the chk_ids_version function:

chk_ids_version()
{
    [ $DEBUG -eq 1 ] && ${ECHO} "In chk_ids_version()"

    # check iDS version number.
    eval "${LDAPSEARCH} ${SERVER_ARGS} -b cn=monitor -s base \"objectclass=*\" version | ${GREP} \"^version=\"
 | cut -f2 -d'/' | cut -f1 -d' ' > ${TMPDIR}/checkDSver 2>&1"
    if [ $? -ne 0 ]; then
        ${ECHO} "ERROR: Can not determine the version number of iDS!"
        exit 1
    fi
    IDS_VER=`cat ${TMPDIR}/checkDSver`
    IDS_MAJVER=`${ECHO} ${IDS_VER} | cut -f1 -d.`
    IDS_MINVER=`${ECHO} ${IDS_VER} | cut -f2 -d.`
    if [ "${IDS_MAJVER}" != "5" ] && [ "${IDS_MAJVER}" != "6" ] && [ "${IDS_MAJVER}" != "1" ]; then
        ${ECHO} "ERROR: $PROG only works with JES DS version 5.x and 6.x and FDS 1.1.3, not ${IDS_VER}."
        exit 1
    fi
    if [ $DEBUG -eq 1 ]; then
        ${ECHO} "  IDS_MAJVER = $IDS_MAJVER"
        ${ECHO} "  IDS_MINVER = $IDS_MINVER"
    fi
}

If that doesn't fix your problem, can you find out where in the script it's dying?


Luke Bigum
Systems Administrator
(p) 1300 661 668
 (f)  1300 661 540
(e)  lbigum at iseek.com.au <mailto:lbigum at iseek.com.au>
http://www.iseek.com.au <http://www.iseek.com.au/>
Level 1, 100 Ipswich Road Woolloongabba QLD 4102

[cid:image001.jpg at 01C9A86E.6A1CA1A0]

This e-mail and any files transmitted with it may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorised to receive for the recipient), please contact the sender by reply e-mail and delete all copies of this message.



From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Aaron Mills
Sent: Tuesday, 17 March 2009 3:26 AM
To: discussion list for the Fedora Directory server project.
Subject: [Fedora-directory-users] Solaris 10 central auth through FDS

Hi All,

I'm trying to hook a bunch of Solaris 10 boxes into my FDS install for central user authentication. I've already got a dozen or so linux boxes authenticating off FDS 1.1.3.

I was reading the documentation here:
http://directory.fedoraproject.org/wiki/Howto:SolarisClient#Solaris_10_LDAP_Client

Which seems to be slightly outdated (idsconfig fails consistently). Is there a newer doc out there somewhere and/or has anyone had success with the Wiki's instructions? Any advice would be much appreciated.

Thanks,

    -Aaron

--
Aaron Mills
Systems Administrator
Return Path
http://www.returnpath.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20090319/d1e0690f/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 3245 bytes
Desc: image001.jpg
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20090319/d1e0690f/attachment.jpg>

More information about the Fedora-directory-users mailing list