Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re: Native LDAP clients with eDirectory

9 views
Skip to first unread message

a...@novell.com

unread,
Nov 5, 2009, 1:40:06 PM11/5/09
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Could you elaborate on what you mean by LDAP clients? Up until the very
last sentence I figured you meant things like 'ldapsearch' and
'ldapmodify', all of which work just fine with eDirectory as they come
from the openldap projbect.

Good luck.

wakeman wrote:
> Hallo,
>
> I have a general question.
> We have a lot of Solaris 10 systems with native LDAP clients and would
> like to know what needs to be done to have them work with eDirectory
> LDAP server?
> What are the disadvantages or bottlenecks?
> Perhaps the best way is to also use eDirectory clients, but we want to
> avoid it.
>
> I read on some old forum, that an external program - padl - was needed
> and it had to be compiled. Has it improved sinced then?
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJK8xwGAAoJEF+XTK08PnB58vgQAKdDucK/bQZUBPmBQqxnumJK
bDo2F/Fw8ejsFbz3NEzj8Iajr+ynrXESAFVv5CoLL6oWc21e9tqpY+3iWuevmyRm
hsTbYijJ3KfNUlkGcfuGQpHBM1PaNFebDfZS7iVRIj4tvNnYCQRtt8Fveoi/t4TN
ywgAUNCGdHJ+dPCPLesd6bVreXu+NrTG2s0heR1Oma/hye8CFX67+fvQMjaCVhfr
uYLfRHgFXgOocx2GQuwk7066+NXHzq35DvNH7iIgs/qFrr7/Odf4AzmWQ+Wxjtwt
I1/uHIHr5PfmJeT62c3+hseLCHPbn0AkWez5i1B/FV9CZp5du6i3AD9Cn/U8WL6v
WpWUZByUtbNmTwmnvAzt5P+gfEeLgP/twYXATykuPsfZAMw+7KS6YTGBRf7qmqnc
BQH3x3GWc5ep4ZZprQ5Xx+h7QqE8lSb48HhQV2wDu2tDlaLAujgYKYlC1+q/6eey
6D2wUaOgPuFn6p9P+pK8ctbKu+dHZfauXNTJUqlWF6olnWa4bOHYt/5XD10lHDIW
RJUQ8DrOZaqWk3jyZ2CdLKHyaD2FEzGNWTL2/ex/LJYni6lKIs/0DRKQTW6DVFIY
q+AkliiXbFhU4ruy5oD8Ioe7/8Dji6kiOGRAgL27RA7HXohNAXJTzL5CYbObJYta
vbA9liofPaSWEhL/C6AA
=miYO
-----END PGP SIGNATURE-----

David Gersic

unread,
Nov 5, 2009, 2:59:30 PM11/5/09
to
On Thu, 05 Nov 2009 15:56:02 +0000, wakeman wrote:

> We have a lot of Solaris 10 systems with native LDAP clients and would
> like to know what needs to be done to have them work with eDirectory
> LDAP server?

The Solaris versions of ldapsearch and ldapmodify and friends are badly
broken. They use some ancient SSL code and require you to have a
certificate store cert7.db file that can be a pain to create.

Grab the ports of the OpenLDAP tools if you're going to use them. Or,
install STunnel on the Solaris box and let your LDAP tools pretend to
talk to a local server, allowing STunnel to manage the encryption.


--
---------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Novell Knowledge Partner http://forums.novell.com

Please post questions in the newsgroups. No support provided via email.

a...@novell.com

unread,
Nov 6, 2009, 7:35:22 AM11/6/09
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

OpenLDAP's implementation is the only one I use (though eDirectory comes
with its own version of ldap* commands as well in its directory structure)
so I'd start with those. With that said it really shouldn't matter.
Graphical tools also exist and work across servers of course (Apache
Directory Studio, LDAP Browser/Editor 2.8.x, etc.).

Good luck.

wakeman wrote:
> Hi,
>
> I'm not very familiar with LDAP but what I meant was using the standard
> LDAP client features like ldapsearch while maintaining the stable LDAP
> environment with clients from one vendor (SUN) and LDAP servers from
> another (Novell).


>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJK9BgKAAoJEF+XTK08PnB5+woP/2GC0jR7KFaf9dz3IYuPPOQa
Pmg0r1wwhcJBC6gXz3Mnj63QIjlMJFedVz86LX3xmbfDYeuSnmBxbA73UNATTESw
0RwK5AAXEIqE/pd+WOXpoxz5GoD+XEAoXXFCGU6IIaDC9NXWKS/uaNPFRfdrfTJy
316/xmPl61gWZKqu65cIMOyMm/iqVy023cxb2XAcxSkWyt2vWBUHaiWnbY1fatx0
IZlgySBQw05/Nqa4O2f+UQobh+58uZAzEK/Kazpj/j+w6otJBlyXBootSttxIEa0
9+rlTogiI96Z/xVAQiKVQyFNUyHxwJqDZL9CF/eQ2xOu0KM7hRSl2NTWRRyRabiF
hcCR2dl/n+/ra1pwI1lH8fKIq29BTgfmzUIXW/dkuEl/QCLAbkNQTj/uWG21NfOf
QoqvYja52ry+bcJffAlLtuzOIqweHWA5F2MsyTgVP/P99bWtTGqUQpdb3eTOD9y6
aN/iezayMAxmN64JnAF0ss0WjnvPt0iAfSHmg3jxgEh/+JWXMGiVVJxll3h6xbHk
LhfEcKxAVgbh9fJnuqQ8GKPAd5oGCLNPZ9AuBocWAzpJN9CJDFGyhkS1xQRxywWQ
C150Vf0/flYBVpTiNglWJiErOuORdl8Y0Ld0Aubs7ClZhQwobmixcXOmkmfBlc6A
Z4tM10D+01edRFyIeI9B
=n6bU
-----END PGP SIGNATURE-----

Jim Willeke

unread,
Nov 9, 2009, 5:12:47 AM11/9/09
to
We have done this int he past and you should not require PADL.

You will probably need to setup the schema in eDirectory with the posix
and perhaps the DUA - http://ldapwiki.willeke.com/wiki/DUAConfigProfile

Solaris has its own libraries for PAM and NSS that should work fine.

-jim

On 11/5/2009 10:56 AM, wakeman wrote:
>
> Hallo,
>
> I have a general question.

> We have a lot of Solaris 10 systems with native LDAP clients and would
> like to know what needs to be done to have them work with eDirectory
> LDAP server?

0 new messages