lists.arthurdejong.org
RSS feed

Re: Solaris compile

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Solaris compile



Hi Neil,

I'm not sure if Solaris nscd caches binds. That said we use nslcd on our Linux machines and the built-in Solaris LDAP client on our OpenIndiana machines. Solaris auth can be cranky to set up even when you use the built-ins, and my experience with using non-Sun LDAP modules (PADL) in the past is that due to the cobwebs in Solaris auth it's temperamental at best. 

Solaris distros since circa 2007 have had decent LDAP clients so I'd recommend that path. We've got a Chef cookbook for ldap_auth on Solaris and Ubuntu if that would be helpful. 

-J

Sent via iPhone

Is your email Premiere?

On Jan 17, 2012, at 10:35, "Neil McBennett" <Neil.McBennett [at] sportingbet.com> wrote:

Hi Jason,

We have Solaris and Linux boxes here and I wanted to implement a solution that was common to both if possible. I have used the native LDAP client in Solaris before but I seem to recall that ldap cache manager didn’t keep a connection open, but did a new ldap bind each time (I may be wrong!).

 

Neil


From: Jason J. W. Williams [mailto:jasonjwwilliams@gmail.com]
Sent: 17 January 2012 17:24
To: Neil McBennett
Cc: <nss-pam-ldapd-users [at] lists.arthurdejong.org>
Subject: Re: Solaris compile

 

Hi Neil,

 

I apologize if you've answered this already. Why are you preferring nslcd to the built in Solaris LDAP client?

 

-J

Sent via iPhone

 

Is your email Premiere?


On Jan 17, 2012, at 7:59, "Neil McBennett" <Neil.McBennett [at] sportingbet.com> wrote:

Thanks Arthur,
I did manage to compile everything from the 0.8.5 code. Observations so
far as follows:
1. nscd doesn't work and this is a known issue. nscd seems to be tightly
integrated with Solaris' ldap cache manager, which is part of the native
ldap client. Does anyone already use nss-pam-ldapd on Solaris? If so are
you finding it a problem having nscd turned off?

2. I run truss on "ps" command and see the following...

# truss ps -ef 2>&1| grep ldap
stat("/lib/64/nss_ldap.so.1", 0xFFFFFFFF7FFFE200) Err#2 ENOENT
stat("/usr/lib/64/nss_ldap.so.1", 0xFFFFFFFF7FFFE200) = 0
resolvepath("/usr/lib/64/nss_ldap.so.1",
"/usr/lib/sparcv9/nss_ldap.so.1", 1023) = 30
open("/usr/lib/64/nss_ldap.so.1", O_RDONLY) = 4
stat("/lib/64/libsldap.so.1", 0xFFFFFFFF7FFFDEF0) Err#2 ENOENT
stat("/usr/lib/64/libsldap.so.1", 0xFFFFFFFF7FFFDEF0) = 0
resolvepath("/usr/lib/64/libsldap.so.1",
"/usr/lib/sparcv9/libsldap.so.1", 1023) = 30
open("/usr/lib/64/libsldap.so.1", O_RDONLY) = 4
open("/var/run/ldap_cache_door", O_RDONLY) Err#2 ENOENT
open("/var/run/ldap_cache_door", O_RDONLY) Err#2 ENOENT
open("/var/run/ldap_cache_door", O_RDONLY) Err#2 ENOENT
open("/var/run/ldap_cache_door", O_RDONLY) Err#2 ENOENT

Looks like certain utilities use 64 bit libraries so I will need to
compile 32 and 64 bit binaries.

Neil


This email message has been delivered safely and archived online by Mimecast.
For more information please visit http://www.mimecast.com


--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe [at] lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/




This email message has been delivered safely and archived online by Mimecast.
For more information please visit http://www.mimecast.com
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe [at] lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/
-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/