Re: [nssldap] nss_ldap under Solaris 10
[Date Prev][Date Next] [Thread Prev][Thread Next]Re: [nssldap] nss_ldap under Solaris 10
- From: "Dan Am" <ldap [at] lonx.net>
- To: nssldap [at] padl.com
- Subject: Re: [nssldap] nss_ldap under Solaris 10
- Date: Sat, 19 Jan 2008 22:37:49 +0100
Hello,
we compiled nss_ldap on Solaris with Openldap Libraries a couple of years ago. Only issue was the
CDE Screensaver, which crashed and had to be replaced with xsreensaver by fiddling the /etd/dt files.
This authentices againt MS-AD, which also implements rfc2307bis.
Out of plain lazyless we tried the libraries on Solaris 10 and they worked fine.
HTH
Dan
2008/1/19, Matthew Hardin <mhardin [at] symas.com
>:
Hi Paul,
Paul B. Henson wrote:
> We are trying to integrate Solaris 10 into an existing openLDAP based
> system currently used by our Linux servers. We use nss_ldap for Linux
> (obviously) which has worked very well for us.
>
> I thought I'd try to get the native client working under Solaris just for
> support purposes (even though I didn't like it upon first sight), but have
> run into two showstopper problems.
>
> First, there is no way to use TLS encryption for the client unless you are
> also authenticating to the LDAP server.
>
> [snip]
We at Symas have successfully built and packaged pam_ldap and nss_ldap
for Solaris 10. There have been no reported issues with our current
releases, and the packages appear to be working well at a number of
large and small sites.
One thing to watch for in the standard build for nss_ldap that uses SSL,
particularly on Solaris, is the namespace pollution that takes place if
nss_ldap is loaded directly into a process's namespace. This can cause
segfaults and other anomalous behavior in programs like sshd. Using
Sun's (broken) LDAP libraries may mitigate this somewhat. We worked
around this through a different approach.
> I apologize if this has been recently discussed, I tried to search the
> archives at http://www.netsys.com/nssldap/, but that server seems
> unresponsive.
>
>
Hasn't been discussed in recent memory...
> Thanks...
>
>
--
Matthew Hardin
Symas Corporation - The LDAP Guys
http://www.symas.com
--
================================================================
Daniel Amthor (Projektmanagement, Technische Leitung); http://www.linworks.de
LINworks GmbH; Postanschrift: Postfach 100121, 64201 Darmstadt
Hausanschrift: Robert-Koch-Str. 9; 64331 Weiterstadt DE
Tel.: +49 6151 9067-208, Fax: -299
Unternehmenssitz: Weiterstadt, Amtsgericht Darmstadt: HRB 85202
Geschäftsführer: Metin Dogan, Oliver Michel
________________________________________________________________
GPG-Fingerprint: BFB0 2A88 7930 E52B B20A 1FCC 5211 7A54 0BAA BD5C
- [nssldap] nss_ldap under Solaris 10,
Paul B. Henson
- Re: [nssldap] nss_ldap under Solaris 10,
Matthew Hardin
- Re: [nssldap] nss_ldap under Solaris 10, Dan Am
- Re: [nssldap] nss_ldap under Solaris 10,
Paul B. Henson
- Re: [nssldap] nss_ldap under Solaris 10,
Jacob Pszonowsky
- Re: [nssldap] nss_ldap under Solaris 10,
Tony Earnshaw
- Re: [nssldap] nss_ldap under Solaris 10, Paul B. Henson
- Re: [nssldap] nss_ldap under Solaris 10,
Tony Earnshaw
- Re: [nssldap] nss_ldap under Solaris 10,
Jacob Pszonowsky
- Re: [nssldap] nss_ldap under Solaris 10,
Matthew Hardin
- Prev by Date: Re: [nssldap] nss_ldap under Solaris 10
- Next by Date: Re: [nssldap] nss_ldap under Solaris 10
- Previous by thread: Re: [nssldap] nss_ldap under Solaris 10
- Next by thread: Re: [nssldap] nss_ldap under Solaris 10