Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sol10 - OpenLDAP Auth
Operating Systems Solaris Sol10 - OpenLDAP Auth Post 302764057 by Panzerkampfwagn on Thursday 31st of January 2013 09:55:28 AM
Old 01-31-2013
Hey, thx for the answer. Geco field (Value=ldapuser GB) is still there and and entry for shadowLastChange,shadowMax,shadowWarning, sn, too Smilie I didnīt post it. Srry my fault.

---------- Post updated at 01:24 AM ---------- Previous update was at 01:12 AM ----------

Okay, is maybe value for the shadow pw missing ({CRYPT} blablabla)? if i do ldaplist -l passwd ldapuser on Sol10 Client:

#ldaplist -l passwd ldapuser

Sol10Serv:> dn: uid=ldapuser,ou=People,dc=example,dc=de
uid: ldapuser
cn: ldapuser GB
givenName: ldap user
sn: GB
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
shadowLastChange: 15622
shadowMax: 168
shadowWarning: 7
loginshell: /usr/bin/bash
gidnumber: 1
gecos: ldapuser GB
homeDirectory: /export/home/ldapuser
uidnumber: 5000

---------- Post updated at 09:55 AM ---------- Previous update was at 01:24 AM ----------

DAM!!

i got some new grey hairs now... not funny Smilie It works now!!11! If im really sure, what i did, i will post a howto here for other guys...

thx for reading Smilie
 

10 More Discussions You Might Find Interesting

1. Solaris

stack space in sol10

we have a solaris 10 box (V440) we are looking for a way to set the stack size for all processes on the system. we know we can use ulimit -s $ ulimit -a time(seconds) unlimited file(blocks) unlimited data(kbytes) unlimited stack(kbytes) 8192 coredump(blocks) unlimited... (2 Replies)
Discussion started by: robsonde
2 Replies

2. Solaris

sol10 on x86 -> network issue

i've decided to try out an x86 system with sol10. however, i can't get my 3com 3C905TX-B to work. i checked the hcl and it says it runs natively. anyone having similar issues or seen a fix for this? i'll be happy to supply more info. Note: i do not see this in /etc/path_to_inst. so it looks like... (1 Reply)
Discussion started by: pupp
1 Replies

3. UNIX and Linux Applications

mysql on sol10 x86

i installed the x86 version (32-bit) of mysql community db. looks like the initial install of the pkg was good. however, i've got a few questions here. after the install, i run `/usr/local/mysql/scripts/mysql_install_db --user=mysql` to generate the db's and tables. it looks like a clean install... (0 Replies)
Discussion started by: pupp
0 Replies

4. Solaris

Sol10 on primepower 850

I've got a console that seems to be hung. all other services (ip, etc) work perfectly. in fact, its still in production... we just don't have console access. so i there are two consoles on this guy.. scfc0 and scfc1. using iompadm from fujitsu, this is what i got: # ./iompadm -c FJSVscf3 info... (1 Reply)
Discussion started by: pupp
1 Replies

5. Solaris

machine to learn Sol10

Hi What kind of Sun machine, you recommend to buy in order to learn Solaris 10 administration ? I need machine where I can train the following sol10 features : - zfs - solstice suite (RAID 0+1, RAID 5, RAID 1 + 0 ) - containers Please advice sth for reasonable price. thx for help. (8 Replies)
Discussion started by: presul
8 Replies

6. Solaris

Help with Sol10 boot error

I just ran the latest ( 9-27-11) solaris patch set on my sparc testbed ( ultra80 ). Brought down to single user mode and ran patches as I always have. When I rebooted it after completion it came up with the following error on boot. "Fast Access Data MMU Miss". I can boot to a cdrom in... (5 Replies)
Discussion started by: bow tie klr
5 Replies

7. Solaris

t2000 Sol10 installation failure

Hi folks, I've searched as much as possible with regards to the installation of Solaris 10 and this error that I keep getting no matter which arguments I use. sol-10-u9-ga-sparc-dvd.iso sc> showhost Sun-Fire-T2000 System Firmware 6.7.12 2011/07/06 20:03 Host flash versions: OBP... (3 Replies)
Discussion started by: dnetcrawler
3 Replies

8. Solaris

Cannot tell what is filling up root (/) partition on Sol10

I can see that my root partition is down to single-digit GB free out of 134GB root partition on a larger server with many SAN, NFS, LOFS mounts etc mounted at the root (/) partition. How can I specifically tell which directories is causing the most utilization in my root (/) partition? (3 Replies)
Discussion started by: ckmehta
3 Replies

9. Solaris

Sol10 + OpenLDAP = excessive logging & full file system??!!

Hello all, new to this forum (member of many others). Hopefully I can find help here. SERVER: Brand new server Oracle Enterprise SPARC T4-1 Loaded Solaris SPARC 10 u10, patched to 147440-27 Loaded OpenLDAP v2.4.30 Loaded Berkley DB 4.7.25.NC Loaded OpenSSL 1.0.1c Note: All packages are... (2 Replies)
Discussion started by: Wraith_G2IC
2 Replies

10. Solaris

FTPD ls problem on Sol10

Hey guys, i'm pretty sure this is simple enough so i'll go quick. I must be missing something but can't pinpoint it. NOTE: Yes, i should be using proftpd but the architect team is a pain in the butt and it is not possible right now. Sol10 FTP server (zoned) MS vista ftp client. Login... (1 Reply)
Discussion started by: maverick72
1 Replies

LEARN ABOUT DEBIAN

slapo-constraint

SLAPO-CONSTRAINT(5)						File Formats Manual					       SLAPO-CONSTRAINT(5)

NAME

       slapo-constraint - Attribute Constraint Overlay to slapd

SYNOPSIS

       /etc/ldap/slapd.conf

DESCRIPTION

       The constraint overlay is used to ensure that attribute values match some constraints beyond basic LDAP syntax.	Attributes can have multi-
       ple constraints placed upon them, and all must be satisfied when modifying an attribute value under constraint.

       This overlay is intended to be used to force syntactic regularity upon certain string represented data  which  have  well  known  canonical
       forms, like telephone numbers, post codes, FQDNs, etc.

       It constrains only LDAP add, modify and rename commands and only seeks to control the add and replace values of modify and rename requests.

       No constraints are applied for operations performed with the relax control set.

CONFIGURATION

       This slapd.conf option applies to the constraint overlay.  It should appear after the overlay directive.

       constraint_attribute <attribute_name>[,...] <type> <value> [<extra> [...]]
	      Specifies  the constraint which should apply to the comma-separated attribute list named as the first parameter.	Five types of con-
	      straint are currently supported - regex, size, count, uri, and set.

	      The parameter following the regex type is a Unix style regular expression (See regex(7) ). The parameter following the uri  type	is
	      an  LDAP	URI.  The  URI	will be evaluated using an internal search.  It must not include a hostname, and it must include a list of
	      attributes to evaluate.

	      The parameter following the set type is a string that is interpreted according to the syntax in use for ACL sets.   This	allows	to
	      construct constraints based on the contents of the entry.

	      The size type can be used to enforce a limit on an attribute length, and the count type limits the number of values of an attribute.

	      Extra parameters can occur in any order after those described above.

	      <extra> : restrict=<uri>

	      This  extra  parameter allows to restrict the application of the corresponding constraint only to entries that match the base, scope
	      and filter portions of the LDAP URI.  The base, if present, must be within the naming context of the database.  The  scope  is  only
	      used when the base is present; it defaults to base.  The other parameters of the URI are not allowed.

       Any  attempt  to  add or modify an attribute named as part of the constraint overlay specification which does not fit the constraint listed
       will fail with a LDAP_CONSTRAINT_VIOLATION error.

EXAMPLES

	      overlay constraint
	      constraint_attribute jpegPhoto size 131072
	      constraint_attribute userPassword count 3
	      constraint_attribute mail regex ^[[:alnum:]]+@mydomain.com$
	      constraint_attribute title uri
		ldap:///dc=catalog,dc=example,dc=com?title?sub?(objectClass=titleCatalog)
	      constraint_attribute cn,sn,givenName set
		"(this/givenName + [ ] + this/sn) & this/cn"
		restrict="ldap:///ou=People,dc=example,dc=com??sub?(objectClass=inetOrgPerson)"

       A specification like the above would reject any mail attribute which did not look like <alpha-numeric string>@mydomain.com.  It would  also
       reject  any  title attribute whose values were not listed in the title attribute of any titleCatalog entries in the given scope. (Note that
       the "dc=catalog,dc=example,dc=com" subtree ought to reside in a separate database, otherwise the initial set of titleCatalog entries  could
       not be populated while the constraint is in effect.)  Finally, it requires the values of the attribute cn to be constructed by pairing val-
       ues of the attributes sn and givenName, separated by a space, but only for entries derived from the objectClass inetOrgPerson.

FILES

       /etc/ldap/slapd.conf
	      default slapd configuration file

SEE ALSO

       slapd.conf(5), slapd-config(5),

ACKNOWLEDGEMENTS

       This module was written in 2005 by Neil Dunbar of Hewlett-Packard and subsequently extended by Howard Chu and Emmanuel  Dreyfus.   OpenLDAP
       Software  is  developed and maintained by The OpenLDAP Project <http://www.openldap.org/>.  OpenLDAP Software is derived from University of
       Michigan LDAP 3.3 Release.

OpenLDAP							    2012/04/23						       SLAPO-CONSTRAINT(5)
All times are GMT -4. The time now is 04:46 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy