ldapclient did not work well.
So I decided to go with openldap, as on ubuntu.
First, let's get rid of the mess the Solaris ldapclient made.
# ldapclient uninit
Downloaded openldap from sunfreeware and installed it.
The config file is not /etc/openldap.conf
but /usr/local/etc/openldap/openldap.conf. Nasty, isn't it?
ln -s /usr/local/etc/openldap/ /etc/openldap
That is what I did.
Cribbed ldap.conf from a machine where it works. (The Linux one.)
-------------------------------------------------------------
# @(#)$Id: ldap.conf,v 1.34 2004/09/16 23:32:02 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
#http://www.padl.com
#
# Your LDAP server. Must be resolvable without using LDAP.
# Multiple hosts may be specified, each separated by a
# space. How long nss_ldap takes to failover depends on
# whether your LDAP client library supports configurable
# network or connect timeouts (see bind_timelimit).
host 147.46.112.141
# The distinguished name of the search base.
base dc=DOMAIN,dc=xxx,dc=ac,dc=kr
binddn cn=proxyuser,cn=builtin,dc=DOMAIN,dc=xxx,dc=ac,dc=kr
bindpw secret
scope sub
# RFC 2307 (AD) mappings
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_attribute uid sAMAccountName
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute shadowLastChange pwdLastSet
nss_map_objectclass posixGroup group
nss_map_attribute uniqueMember member
pam_login_attribute sAMAccountName
pam_filter objectclass=User
pam_password md5
sasl_secprops maxssf=0
ssl no
tls_cacertdir /etc/openldap/cacerts
getent passwd still does not work.
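
The ldap.conf above keeps `bindpw` in the file and sets `ssl no`. As an added example (not part of the original post), this Python check parses a file in that format and reports those conditions; the sample text is constructed from the post's lines with a documentation address as host, and the function names are made up for illustration.

```python
import os
import stat
import tempfile

# Constructed sample: bind/transport lines in the post's ldap.conf format.
SAMPLE = """\
host 192.0.2.10
binddn cn=proxyuser,cn=builtin,dc=DOMAIN,dc=xxx,dc=ac,dc=kr
bindpw secret
ssl no
tls_cacertdir /etc/openldap/cacerts
"""

def parse(text):
    """Return {keyword: value} for 'keyword value' lines; '#' lines are comments."""
    conf = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def audit(path):
    """Return a list of findings for the ldap.conf at `path`."""
    with open(path) as fh:
        conf = parse(fh.read())
    findings = []
    ssl = conf.get("ssl", "no").lower()
    if ssl not in ("on", "yes", "true", "start_tls"):
        findings.append("ssl=%s: proxy and user binds cross the network in cleartext" % ssl)
    elif conf.get("tls_checkpeer", "").lower() == "no":
        findings.append("tls_checkpeer=no: server certificate is not verified")
    if "bindpw" in conf and os.stat(path).st_mode & stat.S_IROTH:
        findings.append("bindpw is stored in a world-readable file")
    return findings

def demo(text=SAMPLE, mode=0o644):
    """Write `text` to a temporary file with permissions `mode` and audit it."""
    with tempfile.NamedTemporaryFile("w", suffix=".conf", delete=False) as fh:
        fh.write(text)
    os.chmod(fh.name, mode)
    try:
        return audit(fh.name)
    finally:
        os.unlink(fh.name)

if __name__ == "__main__":
    print("\n".join(demo()))
```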