SEO

I am trying to get my OpenLDAP to work correctly with Solaris 9 (server) and
Solaris 8 (workstations). I am doing this because here at work we currently
use NIS+ to perform user authentication and there is a need to move off NIS+
to something that is upgradeable.

I have compiled and installed OpenLDAP, Berkeley DB, & OpenSSH and put it on
the Solaris 9 server.

When I try to perform the command:

root> ldapadd -D "cn=root,dc=my,dc=domain,dc=com"
dn: dc=my,dc=domain,dc=com
objectClass: top
objectClass: nisDomainObject
nisDomain: my.domain.com

adding new entry dc=my,dc=domain,dc=com
ldap_add_s: Object class violation

For the life of me I have searched newsgroups, internet posts for the
"Object class violation" error and cannot figure out what is going on. When
I do this in verbose mode ( -v ) I get the following extra information.

root> ldapadd -v -D "cn=root,dc=my,dc=domain,dc=com"

dn: dc=my,dc=domain,dc=com
objectClass: top
objectClass: nisDomainObject
nisDomain: my.domain.com

add objectClass:
top
nisDomainObject
add nisDomain:
my.domain.com
adding new entry dc=my,dc=domain,dc=com
ldap_add_s: Object class violation

Any help is appreciated.

George

Wolanin, George wrote:

> objectClass: nisDomainObject
> nisDomain: my.domain.com


Dear George,
have a quick look at http://ldap.akbkhome.com/ and
see if the objectclass is really called nisdomainobject.
Cheers,
Monzai

Webmasters, admins and network managers only:
http://www.monzai.com/

On Tue, 16 Sep 2003, Wolanin, George wrote:

> I am trying to get my OpenLDAP to work correctly with Solaris 9 (server) and

Why aren't you using Sun's LDAP server?

--
Rich Teer, SCNA, SCSA

President,
Rite Online Inc.

Voice: +1 (250) 979-1638
URL: http://www.rite-online.net

On Tue, 16 Sep 2003 15:02:34 -0400, "Wolanin, George"
<gwolanin@columbus.rr.com> wrote:

>I was hoping that question wouldn't be answered.
>
>Because I wasn't familiar with using Sun's LDAP server, and I searched Sun's
>site for documentation on it and really couldn't find any info at all to set
>it up. It seems that they want you to pay for training on using their
>software instead of providing documents.

It's called "iPlanet Directory Server 5.1". The documentation can be
found at:

http://docs.sun.com/db/coll/923.1

Josh

Wolanin, George <gwolanin@columbus.rr.com> wrote:
> Maybe I will ditch OpenLDAP and try this out.

> I guess I'll have to reload the server (SSL libraries)

> I am used to doing most work in a Linux environment, Solaris is a little bit
> different but not much.

> Thanks for the doc posting.

I'm still waiting for the migration documentation. You would think this
kind of information would be available. I tried OpenLDAP and had issues
with the tests after building it. Asking questions on the e-mailing list
returned no help. I have Sun's Blue Print book on LDAP. It all still
looks like Greek to me and a heck of a lot of work to get a common
authentication for logins.

> George

> "Josh McKee" <jtmckee@rmac.net> wrote in message
> news:9roemv4r9rh0oq6hhb24jo0ien9s6idtn4@4ax.com...
> > On Tue, 16 SOP 2003 15:02:34 -0400, "Wolanin, George"
> > <gwolanin@columbus.rr.com> wrote:
> >
> > >I was hoping that question wouldn't be answered.
> > >
> > >Because I wasn't familiar with using Sun's LDAP server, and I searched
> Sun's
> > >site for documentation on it and really couldn't find any info at all to
> set
> > >it up. It seems that they want you to pay for training on using their
> > >software instead of providing documents.
> >
> > It's called "iPlanet Directory Server 5.1". The documentation can be
> > found at:
> >
> > http://docs.sun.com/db/coll/923.1
> >
> > Josh



--


Regards,

David Highley Phone: (206) 669-0081
Highley Recommended, Inc. FAX: (253) 838-8509
2927 SW 339th Street Email: dhighley@highley-recommended.com
Federal Way, WA 98023-7732 WEB: http://www.highley-recommended.com

Well, I couldn't get it to work.
So I decided to install Sun ONE Directory Server 5.2 instead of using
OpenLDAP

I talked to the SUN support that we pay big bucks for, and it has been a
week and still my problem is not resolved. I need an expert, and I know
that there are many out there.

I would like to run LDAP the same way NIS+ runs.

Users are authenticated on their workstations, home directories are mounted,
and automounts are run based on user.

I have a procedure from Sun. I am able to run the ldapclient command:

----
ldapclient init -a profileName=FirstProfile -a
domainName=atac.ebay.sun.com -a
proxyDN=cn=proxyagent,ou=profile,dc=atac,dc=ebay,d c=sun,dc=com -a
proxyPassword=secret123 doc.atac.ebay.sun.com:389
----

**NOTE** I do replace the domain information with my network information

I get a success.

But if I run the ldaplist command I get the following error:

# ldaplist -v
+++ database=NULL
+++ filter=objectclass=*
+++ template for merging SSD filter=%s
ldaplist: Object not found (Session error no available conn.
)

My server is in DNS, and I am using the FQDN, the server is Solaris 9
The workstation is also on Solaris 9

I am stumped.. any ideas out there?

George


"Unix Guru" <ask@me.how> wrote in message
news:MPG.19d2209332ac05f698a492@news.alt.net...
> In article <Pine.GSO.4.44.0309160912050.5854-100000@zaphod>,
> rich.teer@rite-group.com says...
> > On Tue, 16 Sep 2003, Wolanin, George wrote:
> >
> > > I am trying to get my OpenLDAP to work correctly with Solaris 9
(server) and
> >
> > Why aren't you using Sun's LDAP server?
>
> Why should he?