Re: Cannot access Sun Directory Server with idsconfig

From: Jørgen Kold (jorgen@pet.auh.dk)
Date: Mon Oct 09 2006 - 08:52:33 EDT

• Next message: Lai Yiu Fai: "Re: SunFire X4100 slow booting?"
• Previous message: Abhijit Das: "RE: NIS auto_home map update"
• Maybe in reply to: Jørgen Kold: "Cannot access Sun Directory Server with idsconfig"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thank you very much to Stefan Varga

Solution: didn't have ldapsearch installed on the server from which
idsconfig was running.

Question:

Dear sunmanagers

I have a Sun Sparc(Solaris 10 6/06) server running with two zone; one
ment to be LDAP client, called "klient" and one ment to be LDAP server,
called "server".

I have the Sun directory server running on "server" but somehow I cannot
access the LDAP directory with the command: /usr/lib/ldap/idsconfig. I
get the command:

 ERROR: Invalid host or port: server:389, Please re-enter!

I can however get access from other applications, I can even make a
client manually and are able to login on it through a LDAP account. I
could of course manually create all the necessary directories and stuff
in the LDAP server but it would be much easier to use idsconfig as far
as I know.
Btw. I cannot get access through the Solaris installation program when
choosing LDAP as naming service, but thats probably because the LDAP
directory is not setup with idsconfig yet.

I would be very happy if you can help me.

Sincerely
Jorgen

On Mon, 2006-10-09 at 14:49 +0200, Stefan Varga wrote:
> JC8rgen Kold wrote:
> > I can do it from tiger as well but not from tigerzone...how can that be?
> >
> Becasue you do not have ldapsearch installed in tigerzone.
> You can now summarize to sunmanagers;)
> Stefan
>
> > Jorgen
> >
> > On Mon, 2006-10-09 at 14:41 +0200, Stefan Varga wrote:
> >
> >> it is working for me :-)
> >> do you have icq ?
> >>
> >>
> >>
> >> JC8rgen Kold wrote:
> >>
> >>> Hi Stefan
> >>>
> >>> You have the login: stefan and password stefan01
> >>> You have to login to tiger.pet.auh.dk and from that to
> >>> tigerzone.pet.auh.dk
> >>>
> >>> Jorgen
> >>>
> >>> On Mon, 2006-10-09 at 14:21 +0200, Stefan Varga wrote:
> >>>
> >>>
> >>>> JC8rgen Kold wrote:
> >>>>
> >>>>
> >>>>> How do I give you access to the zone?
> >>>>>
> >>>>> Btw. in the idsconfig script is says:
> >>>>>
> >>>>> /bin/ldapsearch -r -h tigerzone -p 389 -b -s base objectclass=*
> >>>>>
> >>>>>
> >>>>>
> >>>> maybe you should try to link /usr/bin/ldapsearch to /bin/ldapsearch
> >>>> Stefan
> >>>>
> >>>>
> >>>>> but there are no ldapsearch in the /bin folder from root.
> >>>>>
> >>>>> Jorgen
> >>>>> On Mon, 2006-10-09 at 14:14 +0200, Stefan Varga wrote:
> >>>>>
> >>>>>
> >>>>>
> >>>>>> May I have access to that zone ?
> >>>>>> I have no other idea.
> >>>>>> Stefan
> >>>>>>
> >>>>>> JC8rgen Kold wrote:
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>> Here it is
> >>>>>>>
> >>>>>>> Jorgen
> >>>>>>>
> >>>>>>>
> >>>>>>> On Mon, 2006-10-09 at 14:00 +0200, Stefan Varga wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>> Try to type 10.3.101.109 instead of tigerzone in idsconfig
> >>>>>>>>
> >>>>>>>> Stefan
> >>>>>>>>
> >>>>>>>> JC8rgen Kold wrote:
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>> The result is in the attached file: sh_ip_result
> >>>>>>>>>
> >>>>>>>>> Jorgen
> >>>>>>>>>
> >>>>>>>>> On Mon, 2006-10-09 at 13:40 +0200, Stefan Varga wrote:
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>> What happens when you put 10.3.101.109 instead of tigerzone in idscondig ?
> >>>>>>>>>> Show please the results from sh -x /usr/lib/ldap/idsconfig
> >>>>>>>>>>
> >>>>>>>>>> Stefan
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> JC8rgen Kold wrote:
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>> Do I have to reboot or something after the cp procedure?
> >>>>>>>>>>>
> >>>>>>>>>>> Jorgen
> >>>>>>>>>>> On Mon, 2006-10-09 at 13:31 +0200, Stefan Varga wrote:
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>> cp /etc/nsswitch.dns /etc/nsswitch.conf
> >>>>>>>>>>>> and run idsconfig
> >>>>>>>>>>>> then cp /etc/nssswitch.nisplus /etc/nssswitch.conf
> >>>>>>>>>>>>
> >>>>>>>>>>>> that 3 steps should help;-)
> >>>>>>>>>>>>
> >>>>>>>>>>>> Stefan
> >>>>>>>>>>>>
> >>>>>>>>>>>> JC8rgen Kold wrote:
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>> And yes I can telnet tigerzone 389
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Jorgen
> >>>>>>>>>>>>> On Mon, 2006-10-09 at 13:02 +0200, Stefan Varga wrote:
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> JC8rgen Kold wrote:
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Hi again
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Thank you for you fast reply :-)
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> I followed your steps and got the results presented in the attached
> >>>>>>>>>>>>>>> files:
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> 2. ping server: ping_server_result
> >>>>>>>>>>>>>>> 3. ping server.domain.com: ping_server_domain_result
> >>>>>>>>>>>>>>> 4. sh -x /usr/lib/ldap/idsconfig: sh_idsconfig_result
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> Can you telnet tigerzone 389 ?
> >>>>>>>>>>>>>> maybe you could try to give idsconfig the IP address of tigerzone, hm ?
> >>>>>>>>>>>>>> post please the cat /etc/hosts and cat /etc/inet/ipnodes and cat
> >>>>>>>>>>>>>> /etc/nssswitch.conf from zone tigerzone.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> It must work :-)
> >>>>>>>>>>>>>> Stefan
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> The zone name for the LDAP server I gave you in the first mail was just
> >>>>>>>>>>>>>>> virtual. The real name is "tigerzone" at the domain "pet.auh.dk".
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Sincerely
> >>>>>>>>>>>>>>> Jorgen
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> On Mon, 2006-10-09 at 08:40 +0200, Stefan Varga wrote:
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> JC8rgen Kold wrote:
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Hi again Stefan
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Mornig Jorgen,
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> I have now reinstalled my LDAP server zone as well as installed Sun
> >>>>>>>>>>>>>>>>> Directory server with default settings. As far as I know the next step
> >>>>>>>>>>>>>>>>> is
> >>>>>>>>>>>>>>>>> to run idsconfig. However I get the same error. My question is
> >>>>>>>>>>>>>>>>> therefore,
> >>>>>>>>>>>>>>>>> do I have to do something else before I run idsconfig. If not, what can
> >>>>>>>>>>>>>>>>> then be wrong?
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Yes, the next step can be idsconfig. Your directory server must be up
> >>>>>>>>>>>>>>>> and running.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> ps -ef | grep slap
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Do the following please:
> >>>>>>>>>>>>>>>> 1. login to zone as root a type zonename
> >>>>>>>>>>>>>>>> 2. ping server
> >>>>>>>>>>>>>>>> 3. ping server.domain.com
> >>>>>>>>>>>>>>>> 4. sh -x /usr/lib/ldap/idsconfig
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> and post the results, if it's acceptable for you.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> I use Sun directory server 5.2.P4.Solaris.SPARC.full as well as Solaris
> >>>>>>>>>>>>>>>>> 10
> >>>>>>>>>>>>>>>>> 6/06. I haven't installed any updates or patches on my zones...can that
> >>>>>>>>>>>>>>>>> be
> >>>>>>>>>>>>>>>>> the reason?
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Can it a problem inherited from the global zone?
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Under some circumstances, yes:-)
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Stefan
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Sincerely
> >>>>>>>>>>>>>>>>> Jorgen
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Lai Yiu Fai: "Re: SunFire X4100 slow booting?"
• Previous message: Abhijit Das: "RE: NIS auto_home map update"
• Maybe in reply to: Jørgen Kold: "Cannot access Sun Directory Server with idsconfig"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:40:58 EDT