We help IT Professionals succeed at work.

Need help adding a Solaris 10 zfs server to active directory for user authentication

aiscom
aiscom asked
on
Medium Priority
603 Views
Last Modified: 2013-12-21
Howdy,

I am trying to build a new file server of Solaris 10 and zfs . The problem I am currently having is in adding the server to our active directory domain for authentication of users. My co-workers and I have tried several approaches and all have failed (most likely because we are unix n00bs). We need a set of setup instructions for dummies if at all possible.

Thank you,
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2007
Commented:

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Brian UtterbackPrinciple Software Engineer
CERTIFIED EXPERT
Commented:
Have you considered using OpenSolaris? OpenSolaris has quite a few interoperability fixes that have not yet made it into Solaris 10. Not all OpenSolaris features are backported to Solaris 10, so there may be some that will never make it into Solaris 10.

Author

Commented:
thank you omarfarid we have been have been fallowing the instructions you linked to however when we run the net ads join command we are  getting the fallowing error "[2009/02/16 15:30:04, 0] utils/net_ads.c(286)
[2009/02/16 15:30:04, 0] utils/net_ads.c(286) 
ads_connect: so logon servers
Failed to join domain: no logon servers

Open in new window

Author

Commented:
ok we have run in to new problems with ldap please check the fallowing config and let us know if there are any errors

bash-3.00# ldapclient list
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= cn=solaris,cn=Users,dc=agnitek,dc=local
NS_LDAP_BINDPASSWD= {NS1}c5eb663af263c5
NS_LDAP_SERVERS= 192.168.xxx.xxx
NS_LDAP_SEARCH_BASEDN= dc=agnitek,dc=local
NS_LDAP_AUTH= simple
NS_LDAP_CACHETTL= 0
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_SERVICE_SEARCH_DESC= passwd:dc=agnitek,dc=local?sub
NS_LDAP_SERVICE_SEARCH_DESC= group:dc=agnitek,dc=local?sub
NS_LDAP_ATTRIBUTEMAP= group:userpassword=solaris
NS_LDAP_ATTRIBUTEMAP= group:memberuid=10001
NS_LDAP_ATTRIBUTEMAP= group:gidnumber=UnixGroup
NS_LDAP_ATTRIBUTEMAP= passwd:gecos=cn
NS_LDAP_ATTRIBUTEMAP= passwd:gidnumber=UnixGroup
NS_LDAP_ATTRIBUTEMAP= passwd:uidnumber=10001
NS_LDAP_ATTRIBUTEMAP= passwd:homedirectory=/home/solaris
NS_LDAP_ATTRIBUTEMAP= passwd:loginshell=/bin/sh
NS_LDAP_ATTRIBUTEMAP= shadow:shadowflag=shadowFlag
NS_LDAP_ATTRIBUTEMAP= shadow:userpassword=userPassword
NS_LDAP_OBJECTCLASSMAP= group:posixGroup=group
NS_LDAP_OBJECTCLASSMAP= passwd:posixAccount=user
NS_LDAP_OBJECTCLASSMAP= shadow:shadowAccount=user
Brian UtterbackPrinciple Software Engineer
CERTIFIED EXPERT
Commented:
The NS_LDAP_BINDDN parameter doesn't look right to me. All of the setups I have seen used a proxydn and cn=proxyuser.

Author

Commented:
thank you for your help
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.