[Freeipa-users] Installing IPA on Solaris 10
Rob Crittenden
rcritten at redhat.com
Wed Feb 3 15:11:19 UTC 2010
Andy Singleton wrote:
> Hi rob,
>
> Glad you caught up with this problem.
>
> The nsswitch.conf is set up as per the install document. So:
> passwd: files ldap[NOTFOUND=return]
> group: files ldap[NOTFOUND=return]
>
> The system uses the standard solaris nss_ldap package.
Ok, can you see if you can get a specific user and group:
getent passwd admin
getent group ipausers
rob
>
> Cheers
> Andy
>
> ----- Original Message -----
> From: Rob Crittenden <rcritten at redhat.com>
> To: Andy Singleton
> Cc: freeipa-users at redhat.com <freeipa-users at redhat.com>
> Sent: Tue Feb 02 21:01:33 2010
> Subject: Re: [Freeipa-users] Installing IPA on Solaris 10
>
> Andy Singleton wrote:
> > Hi guys,
> >
> >
> >
> > I am installing IPA 1.2.2 client installation on one of our Solaris
> > servers, and I cant seem to get the system to see the IPA users. “getent
> > passwd” only returns local users, and no traffic is leaving the client
> > for the IPA server for ldap.
> >
> >
> >
> > I have followed the instructions from the documentation, but I
> > definitely get the feeling that something is missing.
> >
> > All the various configuration files are populated, and the Kerberos
> > portion works correctly because I can obtain a ticket.
> >
> > So possibly there is a problem with the nss_ldap part, or the ldap.conf
> > itself.
> >
> >
> >
> > Does anyone know common problems that might have this result on
> Solaris 10?
> >
> >
> >
> > For reference, here is the /etc/ldap.conf file:
> >
> >
> >
> > ldap_version 3
> >
> > base cn=compat,dc=live,dc=tipp24,dc=net
> >
> > nss_base_passwd cn=users,cn=compat,dc=live,dc=tipp24,dc=net?sub
> >
> > nss_base_group cn=groups,cn=compat,dc=live,dc=tipp24,dc=net?sub
> >
> > nss_schema rfc2307bis
> >
> > nss_map_objectclass shadowAccount posixAccount
> >
> > nss_map_attribute uniqueMember member
> >
> > nss_initgroups_ignoreusers root,dirsrv,oracle
> >
> > nss_reconnect_maxsleeptime 8
> >
> > nss_reconnect_sleeptime 1
> >
> > bind_timelimit 2
> >
> > timelimit 4
> >
> > nss_srv_domain live.tipp24.net
> >
> > uri ldap://ipaserver1.live.tipp24.net ldap://ipaserver2.live.tipp24.net
> >
> >
> >
> > Thanks
> >
> > Andy
>
> Sorry, missed this one last week..
>
> What does /etc/nsswitch.conf read? Is it configured to use ldap?
>
> You might also try killing nscd in case it is interfering.
>
> rob
>
More information about the Freeipa-users
mailing list