[Freeipa-users] Solaris 10 as IPA Client?

Sigbjorn Lie sigbjorn at nixtra.com
Mon Dec 5 10:51:46 UTC 2011 

Hi,

I found various appliances to require some specifications in terms of a LDAP filter to what to
look for.

E.g. for looking up a user in IPA will be (&(objectclass=person)(uid=username)). For AD the
similar search can be specified such as (&(sAMAccountName=l0290061)(objectclass=person))'. If you
have an option to choose LDAP or AD, the AD option would probably have a similar LDAP filter
already set, while the LDAP option allows you to create your own filter that suites your LDAP
server.

Also making sure you have specified the correct base DN, and making sure that the appliance will
search all sub CN's or OU's if required. With IPA: cn=users,cn=accounts,<SUFFIX> works for my
Solaris clients.

Making sure you bind with a user account if you have disabled anonymous access to your LDAP server.

These are the most common issues I've come across for configuring appliances to use LDAP.



Regards,
Siggi


On Mon, December 5, 2011 01:15, Steven Jones wrote:
> Hi,
>
>
> Maybe you do, I just didnt see it.....I will ask what the bluecoat and bluearc do.
>
>
> regards
>
> Steven Jones
>
>
> Technical Specialist - Linux RHCE
>
>
> Victoria University, Wellington, NZ
>
>
> 0064 4 463 6272
>
>
> ________________________________________
> From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Dmitri Pal
> [dpal at redhat.com]
> Sent: Monday, 5 December 2011 1:05 p.m.
> To: freeipa-users at redhat.com
> Subject: Re: [Freeipa-users] Solaris 10 as IPA Client?
>
>
> On 12/04/2011 02:39 PM, Steven Jones wrote:
>
>> 8><-----------
>>
>>
>> Also Solaris assumes 2307 schema AFAIR and IPA is 2307bis.
>> So you need to enable compat tree on ipa side and point your Solaris
>> nss_ldap to the compat tree.
>>
>> 8><----------
>>
>>
>> We have a Sun solar storage SAN.....uses Solaris I cant get it to work....maybe that's what I
>> need to do to get them to talk....how to I enable "compat tree"?
>
>
> # ipa-compat-manage enable
>
>
>
> I checked the docs.  I was surprised we do not mention that Solaris is 2307.
> I will rise a bug.
>
>
>
>
>> Also would other hardware vendors be similar?  Im trying to get a bluecoat proxy server to talk
>> to IPA and it cant....
>>
>> regards
>>
>> Steven Jones
>>
>>
>> Technical Specialist - Linux RHCE
>>
>>
>> Victoria University, Wellington, NZ
>>
>>
>> 0064 4 463 6272
>>
>>
>> ________________________________________
>>
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>
>>
>>
>
>
> --
> Thank you,
> Dmitri Pal
>
>
> Sr. Engineering Manager IPA project,
> Red Hat Inc.
>
>
>
> -------------------------------
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>

More information about the Freeipa-users mailing list