Configuration of LDAP-UX B.04.17 without Setup Program

 
New Member


I don't know how to explain this, because my final problem is with SAP's tools, which link with /opt/ldapux/lib/pa20_64/libldap.1

We use LDAP-UX B.04.17 to connect to Windows AD.

I see strange behaviour when I execute:

$ /opt/ldapux/bin/ldapsearch -b DC=xxx,DC=xxx,DC=net -h xxx -D "CN=xxx,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=net" -w - -s sub -v "(samaccountname=xxx)" dn
Enter bind password:
ldapsearch: started Wed Jun 18 10:00:03 2008

ldap_init( xxx, 389 )
filter pattern: (samaccountname=xxx)
returning: dn
filter is: (samaccountname=xxx)
version: 1
dn: CN=xxx,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC
=xxx,DC=net

Sometimes it finishes, but almost every time it waits there for some seconds or until ^C

If I try without following referrals:
$ /opt/ldapux/bin/ldapsearch -b DC=xxx,DC=xxx,DC=net -h xxx -D "CN=xxx,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=net" -w - -s sub -v -R "(samaccountname=xxx)" dn
Enter bind password:
ldapsearch: started Wed Jun 18 10:07:22 2008

ldap_init( xxx, 389 )
filter pattern: (samaccountname=xxx)
returning: dn
filter is: (samaccountname=xxx)
version: 1
dn: CN=xxx,OU=xxx,OU=VIT,OU=xxx,DC=xxx,DC
=xxx,DC=net
Unfollowed continuation reference(s):
ldap://xxx.xxx.xxx.net/DC=xxx,DC=xxx,DC=xxx,DC=net
1 matches

It finishes, and it also finishes with a more specific base DN:

$ /opt/ldapux/bin/ldapsearch -b OU=xxx,DC=xxx,DC=xxx,DC=net -h xxx -D "CN=xxx,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=net" -w - -s sub -v "(samaccountname=xxx)" dn
Enter bind password:
ldapsearch: started Wed Jun 18 10:09:02 2008

ldap_init( xxx, 389 )
filter pattern: (samaccountname=xxx)
returning: dn
filter is: (samaccountname=xxx)
version: 1
dn: CN=xxx,OU=xxx,OU=VIT,OU=xxx,DC=xxx,DC
=xxx,DC=net
1 matches

No matter if I use -l time limit, it doesn't obey that.

SAP doesn't use the LDAP-UX commands, but the libraries. How can we configure the default behaviour so that it does not follow referrals, or set a timeout?
Running ./setup is for a configuration that we don't need, but I read that in Custom Configuration "follow referrals: yes/no" can be set. But I cannot run ./setup because we are not authorized to make profiles in the directory.

Another way to configure? Any ideas?

Thanks in advance,
Aitor
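The continuation references printed by the `-R` run in the post above name the other servers a referral-following client has to contact, so name resolution and reachability from the HP-UX host can be checked for each one. The following is an added example, not part of the original thread: it parses captured `ldapsearch -R -v` output; the sample text, host names and function names are constructed for illustration.

```python
from urllib.parse import urlsplit, unquote

# Constructed sample modelled on the `ldapsearch -R -v` output in the post.
# Host names and DNs are placeholders, not values from the thread.
SAMPLE = """\
ldap_init( dc1.corp.example.net, 389 )
filter is: (samaccountname=jdoe)
version: 1
dn: CN=jdoe,OU=Users,DC=corp,DC=example,DC=net
Unfollowed continuation reference(s):
ldap://ForestDnsZones.corp.example.net/DC=ForestDnsZones,DC=corp,DC=example,DC=net
ldap://child.corp.example.net:3268/DC=child,DC=corp,DC=example,DC=net
ldaps://corp.example.net/CN=Configuration,DC=corp,DC=example,DC=net
1 matches
"""

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

def referral_targets(output):
    """Return (scheme, host, port, base_dn) for each continuation reference."""
    targets, in_refs = [], False
    for line in output.splitlines():
        line = line.strip()
        if line.lower().startswith("unfollowed continuation reference"):
            in_refs = True          # URLs follow on the next lines
            continue
        if not in_refs:
            continue
        url = urlsplit(line)
        if url.scheme not in DEFAULT_PORTS or not url.hostname:
            in_refs = False         # first non-URL line ends the list
            continue
        port = url.port or DEFAULT_PORTS[url.scheme]
        base_dn = unquote(url.path.lstrip("/"))
        targets.append((url.scheme, url.hostname, port, base_dn))
    return targets

def hosts_beyond(targets, bind_host):
    """Host/port pairs a referral-following client would contact besides bind_host."""
    return sorted({(h, p) for _, h, p, _ in targets if h != bind_host.lower()})

if __name__ == "__main__":
    for scheme, host, port, dn in referral_targets(SAMPLE):
        print(f"{scheme:5} {host}:{port}  base={dn}")
    print("extra hosts:", hosts_beyond(referral_targets(SAMPLE), "dc1.corp.example.net"))
```

Each reported host and port can then be tested from the client host for DNS resolution and TCP connectivity.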
3 REPLIES 3
Exalted Contributor
Solution

Re: Configuration of LDAP-UX B.04.17 without Setup Program

Shalom,

I would think if you can integrate the entire system into the LDAP server via the setup tool, the library calls the SAP tools are trying are more likely to succeed.

The system may need to be made part of the domain trust to ensure full services from your Windows PDC.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
New Member

Re: Configuration of LDAP-UX B.04.17 without Setup Program

I understand that maybe a computer account or some AD integration must be done.
I'll follow the configuration guide and try to set up this relationship.
Exalted Contributor

Re: Configuration of LDAP-UX B.04.17 without Setup Program

Aitor,

The setup is not trivial and can be fairly hairy from the Unix standpoint.

First, the Windows PDC must be up to date with the latest RFC for LDAP. A base Windows 2003 Server without substantial patching will work with Linux but not HP-UX.

You need nearly full administrative access to the Windows PDC to make this install work.

SEP
Steven E Protter