On Wed, 2008-07-16 at 15:08 -0400, Jeff Blaine wrote:
Changing the definition of nisNetgroupTriple in nis.schema to the modern-but-unofficial definition solves the problem for us. We'll just need to remember to always drop our nis.schema in place with every OpenLDAP upgrade :/
attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Netgroup triple' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
FWIW, from the ldap man page for Solaris:
Solaris LDAP clients use the LDAP v3 protocol to access nam- ing information from LDAP servers. The LDAP server must sup- port the object classes and attributes defined in RFC2307bis (draft), which maps the naming service model on to LDAP.I wonder what, if any, other problems I'll run into with Solaris clients querying non-Solaris OpenLDAP servers.
Nothing relating to RFC2307bis, mainly bugs in Solaris, and lack of support for newer standards (start_tls, support for SubjectAlternativeNames in SSL certificates etc.).
Regards, Buchan