Hi,
what client command you have used when you get error:
"DC1.ad.domain.com StartTLS not supported by LDAP client libraries!"
if you have used ldapsearch, just replace command with openldapsearch
Regards
Predrag Zečević
On 09/11/14 11:08 AM, Andre Kruger wrote:
Hi
I do have the library/openldap package installed,
pkg list -a | grep ldap
SUNWapu13-ldap 1.3.9-0.133 --r
SUNWopenldap 2.4.11-0.133 --r
library/apr-util-13/apr-ldap 1.5.2-0.151.1.8 i--
library/openldap 2.4.34-0.151.1.8 i--
naming/ldap 0.5.11-0.151.1.8 i--
service/network/ldap/opends (opensolaris.org) 2.2.0-0.111 i--
web/library/apache/apr-util-13/apr-ldap 1.3.9-0.134 --r
And searching for the ldapsearch pakage on my system gives the following:
pkg search -l ldapsearch
INDEX ACTION VALUE PACKAGE
basename link usr/lib/openldap/bin/amd64/ldapsearch
pkg:/library/[email protected]
basename link usr/lib/openldap/bin/ldapsearch
pkg:/library/[email protected]
basename file usr/bin/ldapsearch
pkg:/naming/[email protected]
basename file usr/opends/bin/ldapsearch
pkg:/service/network/ldap/[email protected]
pkg search -l openldapsearch
INDEX ACTION VALUE PACKAGE
basename file usr/bin/amd64/openldapsearch
pkg:/library/[email protected]
basename file usr/bin/openldapsearch
pkg:/library/[email protected]
I understand what you are saying but I don't know how I should use the
information. Can you please explain. I don't see where/how I can choose between
using ldapsearch or openldapsearch?
When I (try to)join my Samba server to the domain I use the Samba "net ads
join" command and that does its own thing.
Regards
André
-----Original Message-----
From: Predrag Zecevic [Unix Systems Administrator]
[mailto:[email protected]]
Sent: 11 September 2014 10:12
To: [email protected]
Subject: Re: [OpenIndiana-discuss] LDAP Client StartTLS Support
Hi,
I guess OI has 2 versions of ldap:
a) SunOS one
b) OpenLDAP
You might want to use (for example) openldapsearch command instead of
ldapsearch [NOTE 'open' prefix]
$ pkg search -l ldapsearch
INDEX ACTION VALUE PACKAGE
basename file usr/share/bash-completion/completions/ldapsearch
pkg:/utility/[email protected]
basename file usr/bin/ldapsearch
pkg:/naming/[email protected]
basename link usr/lib/openldap/bin/amd64/ldapsearch
pkg:/library/[email protected]
basename link usr/lib/openldap/bin/ldapsearch
pkg:/library/[email protected]
So, you might need to install library/openldap package and add
/usr/lib/openldap/bin to path before /usr/bin (if you wanna use only name
'ldapsearch') **or** use commands specifying 'open' prefix:
$ pkg search -l openldapsearch
INDEX ACTION VALUE PACKAGE
basename file usr/bin/amd64/openldapsearch
pkg:/library/[email protected]
basename file usr/bin/openldapsearch
pkg:/library/[email protected]
$ ldd /usr/lib/openldap/bin/ldapsearch
libldap-2.4.so.2 => /usr/lib/libldap-2.4.so.2
liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2
libsasl.so.1 => /usr/lib/libsasl.so.1
libnsl.so.1 => /lib/libnsl.so.1
libc.so.1 => /lib/libc.so.1
libresolv.so.2 => /lib/libresolv.so.2
libsocket.so.1 => /lib/libsocket.so.1
libssl.so.1.0.0 => /lib/libssl.so.1.0.0
libcrypto.so.1.0.0 => /lib/libcrypto.so.1.0.0
libmd.so.1 => /lib/libmd.so.1
libmp.so.2 => /lib/libmp.so.2
libdl.so.1 => /lib/libdl.so.1
libgcc_s.so.1 => /usr/lib/libgcc_s.so.1
libm.so.2 => /lib/libm.so.2
HTH
Regards.
Predrag Zečević
On 09/11/14 10:03 AM, Andre Kruger wrote:
I don't think this is a Samba problem I am only providing the info to help the
reader understand where I am coming from.
I am trying to join my Samba server to my domain. This previously worked but
our AD admins enabled LDAPS on the DCs which broke the connection. Upon
retrying to join the domain, running the samba join command in debug mode I get
the following:
Successfully contacted LDAP server 1.1.1.1 Connected to LDAP server
DC1.ad.domain.com StartTLS not supported by LDAP client libraries!
Is StartTLS supported by the ldap client we have in OI?
According to this site earlier versions of Solaris did not support it yet so I
am not sure if it is supported on the current release of OI.
http://www.informit.com/articles/article.aspx?p=30339&seqNum=3
_______________________________________________
openindiana-discuss mailing list
[email protected]
http://openindiana.org/mailman/listinfo/openindiana-discuss
--
Predrag Zečević, Technical Support Analyst, 2e Systems GmbH
Telephone: +49 6196 9505 815, Facsimile: +49 6196 9505 894
Mobile: +49 174 3109 288, Skype: predrag.zecevic
E-mail: [email protected]
Headquarter: 2e Systems GmbH, Königsteiner Str. 87,
65812 Bad Soden am Taunus, Germany Company
registration: Amtsgericht Königstein (Germany), HRB 7303
Managing director: Phil Douglas
http://www.2e-systems.com/ - Making your business fly!
[***]===---
According to the latest official figures, 43% of all statistics are totally
worthless.
_______________________________________________
openindiana-discuss mailing list
[email protected]
http://openindiana.org/mailman/listinfo/openindiana-discuss
_______________________________________________
openindiana-discuss mailing list
[email protected]
http://openindiana.org/mailman/listinfo/openindiana-discuss
--
Predrag Zečević, Technical Support Analyst, 2e Systems GmbH
Telephone: +49 6196 9505 815, Facsimile: +49 6196 9505 894
Mobile: +49 174 3109 288, Skype: predrag.zecevic
E-mail: [email protected]
Headquarter: 2e Systems GmbH, Königsteiner Str. 87,
65812 Bad Soden am Taunus, Germany
Company registration: Amtsgericht Königstein (Germany), HRB 7303
Managing director: Phil Douglas
http://www.2e-systems.com/ - Making your business fly!
[***]===---
All constants are variables.
_______________________________________________
openindiana-discuss mailing list
[email protected]
http://openindiana.org/mailman/listinfo/openindiana-discuss
