[OmniOS-discuss] ldap auth
Thierry Bingen
tbingen at homeshore.be
Fri Sep 6 07:10:41 UTC 2013
On 5 Sep 2013, at 10:01:15 -0700, Ian Kaufman suggested:
> Quick question - are you restricting it to ONLY TLS/SSL LDAP over port
> 636, essentially shutting down port 389 communication? I beat my head
> against the wall back in Solaris 10 as well. Apparently, the LDAP
> cache manager needs to communicate over 389. What I finally resorted
> to was installing OpenLDAP and setting up my Solaris 10 systems as
> read only LDAP slaves, and then used the native LDAP client to talk to
> the local OpenLDAP server over port 389 using the loopback interface.
Yes, I am, as my LDAP server sits on the Internet.
However, the LDAP cache manager no longer needs port 389. It currently runs without any problem on many omnios-r151004 and oi_148 machines, communicating with the same LDAP server with the same 636 restriction.
Installing LDAP slaves on all the machines which I intend to upgrade to r151006 is not practical. I am better off sticking to r151004...
Thanks anyway.