Re: [OpenIndiana-discuss] LDAP Client StartTLS Support

Thu, 11 Sep 2014 02:09:13 -0700 

Hi

I do have the library/openldap package installed,

pkg list -a | grep ldap
SUNWapu13-ldap                                    1.3.9-0.133                --r
SUNWopenldap                                      2.4.11-0.133               --r
library/apr-util-13/apr-ldap                      1.5.2-0.151.1.8            i--
library/openldap                                  2.4.34-0.151.1.8           i--
naming/ldap                                       0.5.11-0.151.1.8           i--
service/network/ldap/opends (opensolaris.org)     2.2.0-0.111                i--
web/library/apache/apr-util-13/apr-ldap           1.3.9-0.134                --r

And searching for the ldapsearch pakage on my system gives the following:

pkg search -l ldapsearch
INDEX      ACTION VALUE                                 PACKAGE
basename   link   usr/lib/openldap/bin/amd64/ldapsearch 
pkg:/library/[email protected]
basename   link   usr/lib/openldap/bin/ldapsearch       
pkg:/library/[email protected]
basename   file   usr/bin/ldapsearch                    
pkg:/naming/[email protected]
basename   file   usr/opends/bin/ldapsearch             
pkg:/service/network/ldap/[email protected]


pkg search -l openldapsearch
INDEX      ACTION VALUE                        PACKAGE
basename   file   usr/bin/amd64/openldapsearch 
pkg:/library/[email protected]
basename   file   usr/bin/openldapsearch       
pkg:/library/[email protected]


I understand what you are saying but I don't know how I should use the 
information. Can you please explain. I don't see where/how I can choose between 
using ldapsearch or openldapsearch?

When I (try to)join my Samba server to the domain I use the Samba "net ads 
join" command and that does its own thing.


Regards
André



-----Original Message-----
From: Predrag Zecevic [Unix Systems Administrator] 
[mailto:[email protected]] 
Sent: 11 September 2014 10:12
To: [email protected]
Subject: Re: [OpenIndiana-discuss] LDAP Client StartTLS Support

Hi,

I guess OI has 2 versions of ldap:
a) SunOS one
b) OpenLDAP

You might want to use (for example) openldapsearch command instead of 
ldapsearch [NOTE 'open' prefix]

$ pkg search -l ldapsearch
INDEX      ACTION VALUE                                            PACKAGE
basename   file   usr/share/bash-completion/completions/ldapsearch 
pkg:/utility/[email protected]
basename   file   usr/bin/ldapsearch                               
pkg:/naming/[email protected]
basename   link   usr/lib/openldap/bin/amd64/ldapsearch            
pkg:/library/[email protected]
basename   link   usr/lib/openldap/bin/ldapsearch                  
pkg:/library/[email protected]

So, you might need to install library/openldap package and add 
/usr/lib/openldap/bin to path before /usr/bin (if you wanna use only name 
'ldapsearch') **or** use commands specifying 'open' prefix:

$ pkg search -l openldapsearch
INDEX      ACTION VALUE                        PACKAGE
basename   file   usr/bin/amd64/openldapsearch 
pkg:/library/[email protected]
basename   file   usr/bin/openldapsearch       
pkg:/library/[email protected]

$ ldd /usr/lib/openldap/bin/ldapsearch
         libldap-2.4.so.2 =>      /usr/lib/libldap-2.4.so.2
         liblber-2.4.so.2 =>      /usr/lib/liblber-2.4.so.2
         libsasl.so.1 =>  /usr/lib/libsasl.so.1
         libnsl.so.1 =>   /lib/libnsl.so.1
         libc.so.1 =>     /lib/libc.so.1
         libresolv.so.2 =>        /lib/libresolv.so.2
         libsocket.so.1 =>        /lib/libsocket.so.1
         libssl.so.1.0.0 =>       /lib/libssl.so.1.0.0
         libcrypto.so.1.0.0 =>    /lib/libcrypto.so.1.0.0
         libmd.so.1 =>    /lib/libmd.so.1
         libmp.so.2 =>    /lib/libmp.so.2
         libdl.so.1 =>    /lib/libdl.so.1
         libgcc_s.so.1 =>         /usr/lib/libgcc_s.so.1
         libm.so.2 =>     /lib/libm.so.2

HTH
Regards.
Predrag Zečević

On 09/11/14 10:03 AM, Andre Kruger wrote:
> I don't think this is a Samba problem I am only providing the info to help 
> the reader understand where I am coming from.
>
> I am trying to join my Samba server to my domain. This previously worked but 
> our AD admins enabled LDAPS on the DCs which broke the connection. Upon 
> retrying to join the domain, running the samba join command in debug mode I 
> get the following:
>
>
> Successfully contacted LDAP server 1.1.1.1 Connected to LDAP server 
> DC1.ad.domain.com StartTLS not supported by LDAP client libraries!
>
>
> Is StartTLS supported by the ldap client we have in OI?
>
> According to this site earlier versions of Solaris did not support it yet so 
> I am not sure if it is supported on the current release of OI.
>
> http://www.informit.com/articles/article.aspx?p=30339&seqNum=3
>
> _______________________________________________
> openindiana-discuss mailing list
> [email protected]
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>

--
Predrag Zečević, Technical Support Analyst, 2e Systems GmbH

Telephone: +49 6196 9505 815, Facsimile: +49 6196 9505 894
Mobile:    +49  174 3109 288,     Skype: predrag.zecevic
E-mail:    [email protected]

Headquarter:          2e Systems GmbH, Königsteiner Str. 87,
                       65812 Bad Soden am Taunus, Germany Company registration: 
Amtsgericht Königstein (Germany), HRB 7303
Managing director:    Phil Douglas

http://www.2e-systems.com/ - Making your business fly!

[***]===---
According to the latest official figures, 43% of all statistics are totally 
worthless.

_______________________________________________
openindiana-discuss mailing list
[email protected]
http://openindiana.org/mailman/listinfo/openindiana-discuss
_______________________________________________
openindiana-discuss mailing list
[email protected]
http://openindiana.org/mailman/listinfo/openindiana-discuss

Reply via email to