[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Solaris 10 Heimdal kerberos/ldap

Henry B. Hotz wrote:
> I just started working on this for Redhat.  Any gotcha's?  Does RedHat 
> have ldap cacheing the way Solaris does?
> Solaris is next.  I would think you could use ldapclient to get ldap 
> and cacheing configured.  Then put ldap in as a source in /etc/ 
> nsswitch.conf for whatever's appropriate.  Then put pam_krb5 in the 
> relevant pam chains.  I think there may be an account chain that 
> should have pam_ldap instead of pam_krb5.

Do yourself a favor and don't use Solaris ldapclient for anything. Not 
if you already have Linux systems working with LDAP on your network; the 
Solaris schema is incompatible with RFC2307 and just about anything 
else. Jettison all their junk and install the PADL stuff so that you'll 
get consistent identical behavior across Linux and Solaris.
> Simple in theory.  ;-)
> On Dec 28, 2006, at 3:43 AM, Kent Nasveschuk wrote:
>> Hello,
>> Is there anyone using Heimdal Kerberos/LDAP for Solaris 10 clients? I've
>> struggled through getting Fedora and RedHat to work with this but I'm
>> having problems Solaris.
>> LDAP version 2.3.27
>> Heimdal 0.7.2
>> Thanks.
>> Kent N
> ------------------------------------------------------------------------
> The opinions expressed in this message are mine,
> not those of Caltech, JPL, NASA, or the US Government.
> Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu

  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/