Re: Connect Solaris ldapclient to a Oracle internet directory
From: Chris Ridd <chrisridd_at_mac.com>
Date: Thu, 3 Jul 2008 11:57:30 +0100
Message-ID: <6d3pkqFmig1U2@mid.individual.net>
>> ldapclient connects to the OID. Yippi :-)
>> It was a combination between nsswich.conf pam.conf and ldapclient.
>> Thanks for all your help so far.
>>
>> I have found some more good resources:
>> http://www.sun.com/bigadmin/features/articles/nis_ldap_part2.jsp
>> http://blogs.sun.com/jo/entry/sun_directory_server_6_x
>>
>> Now I would like to use SSL. The Solaris client needs PKCS12 formated
>> key.db files. My problem is to get this keys in the right format.
Date: Thu, 3 Jul 2008 11:57:30 +0100
Message-ID: <6d3pkqFmig1U2@mid.individual.net>
On 2008-07-03 11:56:36 +0100, Chris Ridd <chrisridd_at_mac.com> said:
> On 2008-07-03 10:00:22 +0100, Denis <Denis.Nicklas_at_googlemail.com> said: >
>> ldapclient connects to the OID. Yippi :-)
>> It was a combination between nsswich.conf pam.conf and ldapclient.
>> Thanks for all your help so far.
>>
>> I have found some more good resources:
>> http://www.sun.com/bigadmin/features/articles/nis_ldap_part2.jsp
>> http://blogs.sun.com/jo/entry/sun_directory_server_6_x
>>
>> Now I would like to use SSL. The Solaris client needs PKCS12 formated
>> key.db files. My problem is to get this keys in the right format.
> > You need Sun's directory server resource kit, which includes the > "certutil" tool which will sort all this stuff out for you. I had to do > something like this: > > # LD_LIBRARY_PATH=/opt/dsrk52/lib:/opt/dsrk52/lib/nss/lib > # export LD_LIBRARY_PATH > # /opt/dsrk52/lib/nss/bin/certutil –A –n "My CA" -t "TCu,Cu,Tuw" -d > /tmp –i ~/myca.crt > > Test with Sun's ldapsearch program using LDAPS and the files generated in /tmp: > > /usr/bin/ldapsearch –h ldap.example.com –Z –b "" -s base –P /tmp > "(objectclass=*)"
Or whatever address your server's on...
Cheers,
Chris Received on Thu Jul 03 2008 - 05:57:30 CDT