Hi All,
I have openLDAP on ubuntu and LDAP client on Solaris. What I need is a user should be able to log in to the solaris server with a user that is present in LDAP (not in /etc/passwd of Solaris machine)
I have added object classes nisDomainObject, ndsLoginProperties and ndsContainerLoginProperties (all inherits from organizationalUnit) and also added an attribute nisDomain.
Then I created a user asmii like :
dn: uid=asmii,ou=people,dc=ldap-company,dc=com objectClass: organizationalUnit objectClass: nisDomainObject objectClass: posixAccount objectClass: shadowAccount uid: asmii ou: asmii cn: asmii uidNumber: 1006 gidNumber: 10000 userPassword: password gecos: asmii loginShell: /bin/bash homeDirectory: /home/asmii nisDomain: ldap-company.com shadowExpire: -1 shadowFlag: 0 shadowWarning: 7 shadowMin: 8 shadowMax: 999999 shadowLastChange: 10877 postalCode: 122015 l: Toulouse postalAddress:
Now I need to create a profile so that the LDAP client on Solaris can download it.
Please let me know what is this profile and how do I create this.
I googled a bit and found that I need a ObjectClass DUAConfigProfile in my LDAP. Is this the ObjectClass I need in my LDAP server? What would I do next? How do I connect the user "asmii" with a profile?
Please suggest.
Thanks in advance.
Regards Asimananda Mohanty
Hi All,
Here is the version of my OpenLDAP in case it is required.
@(#) $OpenLDAP: slapd 2.4.15 (Mar 19 2009 10:08:25) $ buildd@palmer :/build/buildd/openldap-2.4.15/debian/build/servers/slapd
Regards Asimananda Mohanty
On Mon, Nov 16, 2009 at 12:30 PM, Asimananda Mohanty < asimananda.mohanty@gmail.com> wrote:
Hi All,
I have openLDAP on ubuntu and LDAP client on Solaris. What I need is a user should be able to log in to the solaris server with a user that is present in LDAP (not in /etc/passwd of Solaris machine)
I have added object classes nisDomainObject, ndsLoginProperties and ndsContainerLoginProperties (all inherits from organizationalUnit) and also added an attribute nisDomain.
Then I created a user asmii like :
dn: uid=asmii,ou=people,dc=ldap-company,dc=com objectClass: organizationalUnit objectClass: nisDomainObject objectClass: posixAccount objectClass: shadowAccount uid: asmii ou: asmii cn: asmii uidNumber: 1006 gidNumber: 10000 userPassword: password gecos: asmii loginShell: /bin/bash homeDirectory: /home/asmii nisDomain: ldap-company.com shadowExpire: -1 shadowFlag: 0 shadowWarning: 7 shadowMin: 8 shadowMax: 999999 shadowLastChange: 10877 postalCode: 122015 l: Toulouse postalAddress:
Now I need to create a profile so that the LDAP client on Solaris can download it.
Please let me know what is this profile and how do I create this.
I googled a bit and found that I need a ObjectClass DUAConfigProfile in my LDAP. Is this the ObjectClass I need in my LDAP server? What would I do next? How do I connect the user "asmii" with a profile?
Please suggest.
Thanks in advance.
Regards Asimananda Mohanty
Asimananda Mohanty wrote:
Then I created a user asmii like :
dn: uid=asmii,ou=people,dc=ldap-company,dc=com objectClass: organizationalUnit objectClass: nisDomainObject objectClass: posixAccount objectClass: shadowAccount
This set of object classes look strange to me for a user entry. I'd recommend something like this for a user entry:
objectClass: account objectClass: nisDomainObject (not sure about that) objectClass: posixAccount objectClass: shadowAccount
Now I need to create a profile so that the LDAP client on Solaris can download it.
Please let me know what is this profile and how do I create this.
I googled a bit and found that I need a ObjectClass DUAConfigProfile in my LDAP. Is this the ObjectClass I need in my LDAP server? What would I do next? How do I connect the user "asmii" with a profile?
You should read and understand http://www.ietf.org/rfc/rfc4876.txt and then include duaconf.schema in your slapd.conf.
Ciao, Michael.
openldap-technical@openldap.org
-
Asimananda Mohanty -
Michael Ströder