|
»
»
»
« Return to Thread: nss_ldap under Solaris 10
Re: nss_ldap under Solaris 10
by Dan Am-3
::
Rate this Message:
Hello,
we compiled nss_ldap on Solaris with Openldap Libraries a couple of years ago. Only issue was the
CDE Screensaver, which crashed and had to be replaced with xsreensaver by fiddling the /etd/dt files.
This authentices againt MS-AD, which also implements rfc2307bis.
Out of plain lazyless we tried the libraries on Solaris 10 and they worked fine.
HTH
Dan
--
================================================================
Daniel Amthor (Projektmanagement, Technische Leitung); http://www.linworks.de
LINworks GmbH; Postanschrift: Postfach 100121, 64201 Darmstadt
Hausanschrift: Robert-Koch-Str. 9; 64331 Weiterstadt DE
Tel.: +49 6151 9067-208, Fax: -299
Unternehmenssitz: Weiterstadt, Amtsgericht Darmstadt: HRB 85202
Geschäftsführer: Metin Dogan, Oliver Michel
________________________________________________________________
GPG-Fingerprint: BFB0 2A88 7930 E52B B20A 1FCC 5211 7A54 0BAA BD5C
we compiled nss_ldap on Solaris with Openldap Libraries a couple of years ago. Only issue was the
CDE Screensaver, which crashed and had to be replaced with xsreensaver by fiddling the /etd/dt files.
This authentices againt MS-AD, which also implements rfc2307bis.
Out of plain lazyless we tried the libraries on Solaris 10 and they worked fine.
HTH
Dan
2008/1/19, Matthew Hardin <mhardin@...
>:
Hi Paul,
Paul B. Henson wrote:We at Symas have successfully built and packaged pam_ldap and nss_ldap
> We are trying to integrate Solaris 10 into an existing openLDAP based
> system currently used by our Linux servers. We use nss_ldap for Linux
> (obviously) which has worked very well for us.
>
> I thought I'd try to get the native client working under Solaris just for
> support purposes (even though I didn't like it upon first sight), but have
> run into two showstopper problems.
>
> First, there is no way to use TLS encryption for the client unless you are
> also authenticating to the LDAP server.
>
> [snip]
for Solaris 10. There have been no reported issues with our current
releases, and the packages appear to be working well at a number of
large and small sites.
One thing to watch for in the standard build for nss_ldap that uses SSL,
particularly on Solaris, is the namespace pollution that takes place if
nss_ldap is loaded directly into a process's namespace. This can cause
segfaults and other anomalous behavior in programs like sshd. Using
Sun's (broken) LDAP libraries may mitigate this somewhat. We worked
around this through a different approach.
> I apologize if this has been recently discussed, I tried to search the
> archives at http://www.netsys.com/nssldap/, but that server seems
> unresponsive.
>
>
Hasn't been discussed in recent memory...
> Thanks...
>
>
--
Matthew Hardin
Symas Corporation - The LDAP Guys
http://www.symas.com
--
================================================================
Daniel Amthor (Projektmanagement, Technische Leitung); http://www.linworks.de
LINworks GmbH; Postanschrift: Postfach 100121, 64201 Darmstadt
Hausanschrift: Robert-Koch-Str. 9; 64331 Weiterstadt DE
Tel.: +49 6151 9067-208, Fax: -299
Unternehmenssitz: Weiterstadt, Amtsgericht Darmstadt: HRB 85202
Geschäftsführer: Metin Dogan, Oliver Michel
________________________________________________________________
GPG-Fingerprint: BFB0 2A88 7930 E52B B20A 1FCC 5211 7A54 0BAA BD5C
« Return to Thread: nss_ldap under Solaris 10
| Free Forum Powered by Nabble | Forum Help |