OpenSolaris: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 9: | Line 9: | ||
== LDAP == |
== LDAP == |
||
⚫ | |||
ldapclient manual -v \ |
|||
⚫ | |||
-a credentialLevel=anonymous \ |
|||
⚫ | |||
-a authenticationMethod=none \ |
|||
-a defaultSearchBase=dc=csclub,dc=uwaterloo,dc=ca \ |
|||
⚫ | |||
-a defaultSearchScope=sub \ |
|||
⚫ | |||
-a domainName=csclub.uwaterloo.ca \ |
|||
⚫ | |||
-a defaultServerList=ldap1.csclub.uwaterloo.ca,ldap2.csclub.uwaterloo.ca |
|||
make; make install |
|||
rm /usr/lib/nss_ldap.so.1 |
|||
ln -s /opt/nss_ldap/lib/nss_ldap.so /usr/lib/nss_ldap.so.1 |
|||
⚫ | |||
== Kerberos == |
== Kerberos == |
||
Line 29: | Line 34: | ||
You need to create /etc/krb5/krb5.keytab containing host/FQDN@CSCLUB.UWATERLOO.CA where FQDN = the fully qualified domain name of the host. |
You need to create /etc/krb5/krb5.keytab containing host/FQDN@CSCLUB.UWATERLOO.CA where FQDN = the fully qualified domain name of the host. |
||
== PADL nss_ldap == |
|||
⚫ | |||
⚫ | |||
make depend |
|||
make |
|||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
== External Links == |
== External Links == |
Revision as of 20:40, 19 January 2008
Solaris is drugs; avoid it at all cost.
pkg-get
pkgadd -d http://www.blastwave.org/pkg_get.pkg
/opt/csw/bin/pkg-get -i gnupg vim bash sudo wget gcc3core gcc3g++ gmake
LDAP
Configure and build static openldap libraries:
./configure --disable-slapd --prefix=/opt/openldap --sysconfdir=/etc/ldap --enable-shared --enable-static make depend; make; make install
Configure nss_ldap:
CFLAGS=-I$HOME/openldap/include LDFLAGS=-L/opt/openldap/lib\ -rpath=/opt/openldap/lib \ ./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/opt/nss_ldap make; make install rm /usr/lib/nss_ldap.so.1 ln -s /opt/nss_ldap/lib/nss_ldap.so /usr/lib/nss_ldap.so.1
In config.h, make sure HAVE_SASL_SASL_H is #undef'd.
Kerberos
scp caffeine:/etc/krb5.conf /etc/krb5/krb5.conf
In /etc/pam.conf, after
other auth required pam_unix_cred.so.1
add
other auth sufficient pam_krb5.so.1
You might want to also do this for 'login'.
You need to create /etc/krb5/krb5.keytab containing host/FQDN@CSCLUB.UWATERLOO.CA where FQDN = the fully qualified domain name of the host.
External Links
https://www.cs.uwaterloo.ca/twiki/view/CF/ADAddSolaris10 http://ashtech.net/~syntax/blog/archives/50-Solaris-10-Partitioning,-RAID,-and-ZFS.html