[Freeipa-users] IPA Solaris Clients
Rob Crittenden
rcritten at redhat.com
Mon Jan 5 18:36:13 UTC 2009
Brian Likosar wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I've tried with 4 different Solaris clients, but I can't seem to get IPA
> to work following the documentation at
> http://www.freeipa.org/page/ConfiguringSolarisClients.
>
> Each of the following clients fails (as in, returns nothing) to the
> getent commands suggested in section 4:
> Solaris 8 SPARC
> Solaris 9 SPARC
> Solaris 10 SPARC
> Solaris 10 x86
>
> Is there something I'm doing wrong? Any ideas as to what I can
> troubleshoot/what logs to look in? I don't actually see any requests
> come to IPA at all when I perform the getent, but nsswitch.conf is
> configured as specified in the link.
Look in /var/ldap/ldap_client_file on a Solaris machine to verify that
the configuration is ok (you don't want to make manual changes here,
they will be lost).
See if you can contact the LDAP server using ldapsearch:
% ldapsearch -h ipa.example.com -b "dc=example,dc=com" uid=admin
If the connection fails see if you have a firewall in between (iptables
on Linux).
Logs to check are:
Solaris: /var/adm/messages
Linux: /var/log/dirsrv/slapd-INSTANCE/access
If the Solaris machine is issuing LDAP queries you'd see them in the FDS
access log eventually (there is a 30-second buffer by default).
rob
More information about the Freeipa-users
mailing list