Solaris 10 DS5.2Q4 with SSL/TLS with Replicaton

I have been working on configuring DS5.2Q4 on Solaris 10 11/06. I have been successful with Gary Tay's documentation (a few changes for new syntax and svcs). My current configuration only has one ldap server and using self signed certs.
I would now like to move to the next step of maintaining my ssl/tls but adding another master with replication.
Here are a couple of my questions.
1) How do I configure my clients to work with both replication master servers. I am a little confused since the certs in my client are assigned to only one of my masters. Do both masters need the same cert, or is there a way to allow for both certs to be loated on the client (/var/ldap).
2) Enable secure replication. I have not looked too deep into this yet, but that is my plan.
As a final note, I would like to thank Gary Tay for all of his feedback and documentation. I find that Sun often lacks step by step procedures for tasks such as this. Thanks!

Similar Messages

Native Solaris 10 with DSEE 6.3.1 (or JSDS) with SSL (tls:simple)

Hello There,
I need some help from DSEE or LDAP experts.
I am trying to configure DSEE 6.3.1 to use SSL(tls:simple).
*{color:#0000ff}I have Simple(non-SSL) method working just fine and*
**Also ldapsearch command works fine with simple and SSL methods*{color}**. So I know my certs are good but I just can not make ldap clien to work*
*I followed this document [http://brandonhutchinson.com/wiki/Soup_To_Nuts_Sun_DSEE#Solaris_10_instructions]*
I am using
ldapclient -v init -a profileName=profile3 -a certificatePath=/var/ldap -a domainName=mydomain.com -a proxyDN="cn=proxyagent,ou=pro*file,dc=mydomain,dc=com" -a proxyPassword=XXXXX ldap200.mydomain.com*
Here is the output
+Parsing profileName=profile3+
+Parsing certificatePath=/var/ldap+
+Parsing domainName=mydomain.com+
+Parsing proxyDN=cn=proxyagent,ou=profile,dc=mydomain,dc=com+
+Parsing proxyPassword=xxxxx+
+Arguments parsed:+
+domainName: mydomain.com+
+proxyDN: cn=proxyagent,ou=profile,dc=mydomain,dc=com+
+profileName: profile3+
+proxyPassword: xxxxx+
+defaultServerList: ldap200.mydomain.com+
+certificatePath: /var/ldap+
+Handling init option+
+About to configure machine by downloading a profile+
+findBaseDN: begins+
+findBaseDN: ldap not running+
+findBaseDN: calling __ns_ldap_default_config()+
+found 1 namingcontexts+
+findBaseDN: __ns_ldap_list(NULL, "(&(objectclass=nisDomainObject)(nisdomain=mydomain.com))"+
+rootDN[0] dc=mydomain,dc=com+
+found baseDN dc=mydomain,dc=com for domain mydomain.com+
+Proxy DN: cn=proxyagent,ou=profile,dc=mydomain,dc=com+
+Proxy password: {NS1}67eb0f447bc0f619+
+Credential level: 1+
+Authentication method: 3+
+About to modify this machines configuration by writing the files+
+Stopping network services+
+sendmail not running+
+nscd not running+
+autofs not running+
+ldap not running+
+nisd not running+
+nis(yp) not running+
+file_backup: stat(/etc/nsswitch.conf)=0+
+file_backup: (/etc/nsswitch.conf -> /var/ldap/restore/nsswitch.conf)+
+file_backup: stat(/etc/defaultdomain)=0+
+file_backup: (/etc/defaultdomain -> /var/ldap/restore/defaultdomain)+
+file_backup: stat(/var/nis/NIS_COLD_START)=-1+
+file_backup: No /var/nis/NIS_COLD_START file.+
+file_backup: nis domain is "mydomain.com"+
+file_backup: stat(/var/yp/binding/mydomain.com)=-1+
+file_backup: No /var/yp/binding/mydomain.com directory.+
+file_backup: stat(/var/ldap/ldap_client_file)=-1+
+file_backup: No /var/ldap/ldap_client_file file.+
+Starting network services+
+start: /usr/bin/domainname mydomain.com... success+
+start: sleep 100000 microseconds+
+start: sleep 200000 microseconds+
+start: network/ldap/client:default... success+
+restart: sleep 100000 microseconds+
+restart: sleep 200000 microseconds+
+restart: milestone/name-services:default... success+
+System successfully configured+
+When I run+
*It takes long time and then*
*+ldaplist: Object not found (Session error no available conn.+*
*+)+*
{color:#0000ff}The command logins also takes long time and does not show any LDAP users.{color}
*+{color:#ff6600}Here is the output from cachemgr.log on client*+*
*+{color}+*
+Tue Jul 14 12:16:07.8984 Starting ldap_cachemgr, logfile /var/ldap/cachemgr.log+
+Tue Jul 14 12:16:07.9391 sig_ok_to_exit(): parent exiting...+
+Tue Jul 14 12:16:17.9511 getldap_set_refresh_ttl:(6) refresh ttl is 300 seconds+
+Tue Jul 14 12:16:38.0741 getldap_set_refresh_ttl:(6) refresh ttl is 150 seconds+
+Tue Jul 14 12:16:38.0755 Error: Unable to refresh profile:profile3:Session error no available conn.+
+Tue Jul 14 12:16:38.0756 Error: Unable to update from profile+
+{color:#ff6600}Here is the out from /var/adm/messages.+
+{color:#000000}Jul 14 12:16:38 ldap300 ldap_cachemgr[19726]: [ID 293258 daemon.warning] libsldap: Status: 81 Mesg: openConnection: simple bind fai{color}+{color:#000000}+led - Can't contact LDAP server+
+Jul 14 12:16:38 ldap300 ldap_cachemgr[19726]: [ID 292100 daemon.warning] libsldap: could not remove 192.168.190.146 from servers list+
+Jul 14 12:16:38 ldap300 ldap_cachemgr[19726]: [ID 293258 daemon.warning] libsldap: Status: 7 Mesg: Session error no available conn.+
+Jul 14 12:16:38 ldap300 ldap_cachemgr[19726]: [ID 186574 daemon.error] Error: Unable to refresh profile:profile3: Session error no available conn.+
+Jul 14 12:16:38 ldap300 /usr/lib/nfs/nfsmapid[19731]: [ID 293258 daemon.warning] libsldap: Status: 81 Mesg: openConnection: simple+ +bind failed - Can't contact LDAP server+
+Jul 14 12:16:38 ldap300 /usr/lib/nfs/nfsmapid[19731]: [ID 292100 daemon.warning] libsldap: could not remove 192.168.190.146 from servers list+
+Jul 14 12:16:38 ldap300 /usr/lib/nfs/nfsmapid[19731]: [ID 293258 daemon.warning] libsldap: Status: 7 Mesg: Session error no avaible conn.+
*ANY HELP IS GREATLY APPRECIATED*
*THANKS*
Edited by: PranavPatel on Jul 14, 2009 12:41 PM
Edited by: PranavPatel on Jul 14, 2009 12:46 PM

Here is the the profile from Server
Non-editable attributes
dn: cn=profile3,ou=profile,dc=mydomain,dc=com
authenticationmethod: tls:simple
bindtimelimit: 10
cn: profile3
credentiallevel: proxy
defaultsearchbase: dc=mydomain,dc=com
defaultsearchscope: one
defaultserverlist: 192.168.190.146 192.168.11.221
followreferrals: FALSE
objectclass: top
objectclass: DUAConfigProfile
profilettl: 43200
searchtimelimit: 30
serviceauthenticationmethod: passwd-cmd:tls:simple
serviceauthenticationmethod: keyserv:tls:simple
serviceauthenticationmethod: pam_ldap:tls:simple
Editable attributes:
createtimestamp: 20090714180638Z
creatorsname: cn=directory manager
entrydn: cn=profile3,ou=profile,dc=mydomain,dc=com
entryid: 26
hassubordinates: FALSE
modifiersname: cn=directory manager
modifytimestamp: 20090714180638Z
nsuniqueid: f37fa281-70a011de-80b5f403-069e0ba9
numsubordinates: 0
parentid: 13
subschemasubentry: cn=schema
And here is the output of
*# ldapclient list*
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= cn=proxyagent,ou=profile,dc=mydomain,dc=com
+NS_LDAP_BINDPASSWD= {NS1}67eb0f447bc0f619+
NS_LDAP_SERVERS= 192.168.190.146, 192.168.11.221
NS_LDAP_SEARCH_BASEDN= dc=mydomain,dc=com
NS_LDAP_AUTH= tls:simple
NS_LDAP_SEARCH_REF= FALSE
NS_LDAP_SEARCH_SCOPE= one
NS_LDAP_SEARCH_TIME= 30
NS_LDAP_CACHETTL= 43200
NS_LDAP_PROFILE= profile3
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_BIND_TIME= 10
NS_LDAP_SERVICE_AUTH_METHOD= pam_ldap:tls:simple
NS_LDAP_SERVICE_AUTH_METHOD= keyserv:tls:simple
NS_LDAP_SERVICE_AUTH_METHOD= passwd-cmd:tls:simple
NS_LDAP_HOST_CERTPATH= /var/ldap
Edited by: PranavPatel on Jul 14, 2009 1:08 PM

SSL/TLS clients binds fail to Solaris 10 06/06 DS5.2p4 Server

hello all,
this is a bizarre issue that i think is related to the solaris version that is running on the directory server, at least this appears to the the issue. i have 2 SunDS servers running solaris 10 06/06 and the other solaris 10 01/06 with DS5.2p4. both have SSL enabled, the certs i signed with my own CA which i maintain with tinyca2. the directory starts fine and is listening on both 389(ldap) and 636(ldaps). i am able to successfully bind to both servers on the non-secure ports fine, commands like getent, finger, id are pulling the people from the directory. when i enable the clients to use ssl/tls those same commands fail against the solaris 10 06/06 machine but NOT the solaris 10 01/06 server. on the linux machines i'm getting "nscd: pam_ldap: could not search LDAP server" errors and on the solaris machines "Mesg: openConnection: failed to initialize TLS security" and "libsldap: Status: 7 Mesg: Session error no available conn."
using "ldapsearch -x -ZZ" from the clients is successful to both systems, and i can use "openssl s_client" to view the certs fine. another bizzare occurance is when i do "getent passwd" i see the local and ldap users but "getent passwd ldap_user" will return nothing. again this are against the solaris 10 06/06 machine.
has anyone see this before? i'm going to open a service request for sun on this but i wanted to see if anyone else has run into this.

there was a problem with the certificate db which was causing this.

SSL/TLS security certificate data match with XML Payload in SAP PI

Hi,
We are working on a solution where we would want to use SSL/TLS or WS Security with client server mutual authentication using client server certificates.
But, once the sender is authenticated using the certificates, can the XML payload be matched for the correctness with the certificate information? Is this available to PI integration engine at any time? Like Sender A autheticated as A using certificates, must be stopped if his XML payload is saying that he is sender B (which is most unlikely if we trust the senders but did not want to leave a loophole).
Any ideas here?
Thanks and Regards,
Vijay

Hi Wolfgang,
Cross-posting is discouraged and against the forum rules, because it is misused and makes a mess of the search due to distributed discussions and answers.
I will move it to the PI forum and add a watch on it as it is security forum related.
Unfortunately, the forum software does not have the option to "mirror" threads.
Cheers,
Julius
Edited by: Julius Bussche on Sep 14, 2009 9:50 PM

Set-IRMConfiguration failed with error "Cou ld not establish trust relationship for the SSL/TLS secure channel."

Hi, experts
I'm trying to configure a lab environment according tutorial http://www.msexchange.org/articles-tutorials/exchange-server-2010/compliance-policies-archiving/rights-management-server-exchange-2010-part3.html
After completing configuration, I execute cmdlet Set-IRMConfiguration -InternalLicensingEnabled $true, but get error
The remote certificate is invalid according to the validation procedure. ---> The underlying connection was closed: Cou
ld not establish trust relationship for the SSL/TLS secure channel. ---> Failed to get Server Info from https://exhv-65
94/_wmcs/certification/server.asmx.
+ CategoryInfo : InvalidOperation: (:) [Set-IRMConfiguration], Exception
+ FullyQualifiedErrorId : C810E449,Microsoft.Exchange.Management.RightsManagement.SetIRMConfiguration
Then I run cmdlet Test-IRMConfiguration -Sender [email protected] and get error
Results : Checking Exchange Server ...
- PASS: Exchange Server is running in Enterprise.
Loading IRM configuration ...
- PASS: IRM configuration loaded successfully.
Retrieving RMS Certification Uri ...
- PASS: RMS Certification Uri: https://server1/_wmcs/certification.
Verifying RMS version for https://server1/_wmcs/certification ...
- WARNING: Failed to verify RMS version. IRM features require AD RMS on Windows Server 2008 SP2 with the
hotfixes specified in Knowledge Base article 973247 (http://go.microsoft.com/fwlink/?linkid=3052&kbid=973247)
or AD RMS on Windows Server 2008 R2.
Microsoft.Exchange.Security.RightsManagement.RightsManagementException: Failed to get Server Info from https:
//server1/_wmcs/certification/server.asmx. ---> System.Net.WebException: The underlying connection was clos
ed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authenticatio
n.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest async
Request, Exception exception)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest async
Request)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest async
Request)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest async
Request)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequ
est asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Obje
ct state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Microsoft.Exchange.Security.RightsManagement.SOAP.Server.ServerWS.GetServerInfo(ServerInfoRequest[] req
uests)
at Microsoft.Exchange.Security.RightsManagement.ServerWSManager.ValidateServiceVersion(String featureXPath
--- End of inner exception stack trace ---
at Microsoft.Exchange.Security.RightsManagement.ServerWSManager.ValidateServiceVersion(String featureXPath
at Microsoft.Exchange.Management.RightsManagement.IRMConfigurationValidator.ValidateRmsVersion(Uri uri, Se
rviceType serviceType)
at Microsoft.Exchange.Management.RightsManagement.IRMConfigurationValidator.TryGetRacAndClc()
OVERALL RESULT: PASS with warnings on disabled features
From the error message, this issue seem to related with SSL/TLS connection. So I go back to check configuration and find out a difference to tutorial. Current SCP url is https://server1/_wmcs/certification, but in tutorial it is https://server1:433/_wmcs/certification.
On my opinion, I don't think it is the real reason.
So, how can I resolve this error? Could you give me some suggestion? Thanks in advance.
System Info:
Windows Server 2008 R2 + Exchange Server 2010 SP3 RTM

Hi
Please have a try with the solution on this KB article
“Error message when you try to test access from the Microsoft Dynamics CRM E-mail Router: "Incoming Status: Failure - The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel"”
http://support.microsoft.com/kb/954584/en-us
Cheers
Zi Feng
TechNet Community Support

Could not establish trust relationship for the SSL/TLS secure channel with authority

Hello everyone, I need to establish a connection between my HTTPS WCF hosted in Windows Azure Web Role and my Windows Store App Client. The service is actually exposed for testing purposes using a self-signed certificate.
I have installed the certificate in Personal and Trusted Root Certification Authorities in Current User and Local Manchine.
In the Windows Store App, I create the service reference pointing to the cloud https service, then edit the manifest and create a new declaration to Add a New Certificate, I checked Exclusive Trust and Auto select, pointing to Root storage name and
my self-signed certificate.cer.
The result is the following exception in the IntelliTrace stack:
Exception:Caught: "The remote certificate is invalid according to the validation procedure." (System.Security.Authentication.AuthenticationException)
A System.Security.Authentication.AuthenticationException was caught: "The remote certificate is invalid according to the validation procedure."
Time: 19/01/2015 04:42:33 p. m.
Thread:Worker Thread[17080]
Exception:Thrown: "Could not establish trust relationship for the SSL/TLS secure channel with authority 'appchallengewhi.cloudapp.net'." (System.ServiceModel.Security.SecurityNegotiationException)
A System.ServiceModel.Security.SecurityNegotiationException was thrown: "Could not establish trust relationship for the SSL/TLS secure channel with authority 'appchallengewhi.cloudapp.net'."
Time: 19/01/2015 04:42:34 p. m.
Thread:Worker Thread[17080]
Appreciate any help, to solve this with the approach of WCF Service Reference in Windows Store App.
Note:
If I call the HTTPS service using a Console App it works very good using the following the code:
ChannelFactory<IAgentService> factory = new ChannelFactory<IAgentService>("basicHttpBinding_IAgentService");
ServicePointManager.ServerCertificateValidationCallback = (sender, cert, chain, error) => true;
IAgentService wcfProxy = factory.CreateChannel();
Thanks in advance,
RC

Maybe not implemented.
https://social.msdn.microsoft.com/Forums/windowsapps/en-US/2dab2818-8f4c-4474-a7a1-db2cbfb40d40/accepting-client-certificate-for-https-connections?forum=winappswithcsharp

Could not establish trust relationship for the SSL/TLS secure channel with authority SharePoint ssis connectors

Hi All,
I am using SharePoint List Connectors to load the data from Sharepoint list to Sql server.
I have created an ssis package and attached to the SQL agent job in works fine
SharePoint Source dev url : http://company.dev.com (working fine)(http)
DB server:(server\instance)
I thought all i good and can test with the uat sharepoint url.
I have changed the configuration url yo point to uat.(https)
SharePoint Source dev url : https://companyuat.dev.com (working fine)
DB server:(server\instance)
Suddently it fails when with the following error:
In both the cases i am running the agent job from the same db server
DB server:(server\instance)
Error Message:
Could not establish trust relationship for the SSL/TLS secure channel with authority 'companyuat.dev.com'. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Source: Data Flow Task SharePoint List Source [1] Description: System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'companyuat.dev.com'. ---> System.Net.WebException:
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Is there is workaround to reslove this?Any inputs highly appreciated as it is time to move to production :(.
Thanks
Ravi
Ravi

This is the important error: The remote certificate is invalid according to the validation procedure.
Your SharePoint server certificate is invalid. You have to either correct your certificate or make your SSIS client machine explicitly trust the server certificate.
SSIS Tasks Components Scripts Services | http://www.cozyroc.com/

" Could not create SSL/TLS secure channel " error with Webtest of VS 2013

hello !
I want to test my mvc web project with webtest tools of VS 2013 and I Record a test with Internet Explorer
but when I run test appear this error for me at result of test run : Could not create SSL/TLS secure channel
for some requested url , but i watch requests in developer tools of chrome browser and I don't see this error.
i have ssl certificate on the server.
thanks

Hi ArashGhf,
>>but when I run test appear this error for me at result of test run : Could not create SSL/TLS secure channel
Based on the error message, it looks like it might be a problem with your certificate not being set up correctly for web performance test.
Therefore, I suggest you could refer the autom8dTest's suggestion to convert the Web performance test to coded web performance test and then add the WebTestRequest ClientCertificates property to the ClientCertificates collection after the request
is set up.
For more information, please refer to it.
https://social.msdn.microsoft.com/Forums/en-US/49e8d188-90c3-4d72-b387-10b1d1adc4a0/ssl-in-webtests-request-failed?forum=vstswebtest
Hope it help you!
Best Regards,
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

The full exception text is: Could not establish trust relationship for the SSL/TLS secure channel with authority :32844'.

Hi I am getting this error,
The Secure Store Service application Secure Store Service is not accessible
The full exception text is: Could not establish trust relationship for the SSL/TLS secure channel with authority 'sp:32844'.
Any help will be appreciated

You may need to add the SSL to the SharePoint Trusted Root Authority.Get the root cert for the site you are securing with HTTPS/SSL and add in SharePoint Trusted Root Authority. As explained here -
https://social.technet.microsoft.com/Forums/office/en-US/2aed19c6-24df-4646-b946-f4365a05e32f/secure-store-service-stops-working-once-or-twice-every-day-could-not-establish-trust-relationship?forum=sharepointadmin
http://brainlitter.com/2012/03/13/sharepoint-2010-and-cert-trust-could-not-establish-trust-relationship-for-the-ssltls-secure-channel/
Thanks
Ganesh Jat [My Blog |
LinkedIn | Twitter ]
Please click 'Mark As Answer' if a post solves your problem or 'Vote As Helpful' if it was useful.

Creating a TCP connection with SSL/TLS

Hi,
I am working in a application that depends on the server. I need to estabilish a TCP connection with SSL/Tls secure connection with the server in order to get the datas.
I have the following code structure :
- (id)initWithHostAddressNSString*)_host andPortint)_port
[self clean];
self.host = _host;
self.port = _port;
CFWriteStreamRef writeStream;
CFReadStreamRef readStream;
return self;
-(BOOL)connect
if ( self.host != nil )
// Bind read/write streams to a new socket
CFStreamCreatePairWithSocketToHost(kCFAllocatorDef ault, (CFStringRef)self.host, self.port, &readStream, &writeStream);
return [self setupSocketStreams];
- (BOOL)setupSocketStreams
// Make sure streams were created correctly
if ( readStream == nil || writeStream == nil )
[self close];
return NO;
// Create buffers ---- has not been released , so need to check possible ways to release in future
incomingDataBuffer = [[NSMutableData alloc] init];
outgoingDataBuffer = [[NSMutableData alloc] init];
// Indicate that we want socket to be closed whenever streams are closed
CFReadStreamSetProperty(readStream, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanTrue);
CFWriteStreamSetProperty(writeStream, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanTrue);
//Indicate that the connection needs to be done in secure manner
CFReadStreamSetProperty(readStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelNegotiatedSSL);
CFWriteStreamSetProperty(writeStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelNegotiatedSSL);
// We will be handling the following stream events
CFOptionFlags registeredEvents = kCFStreamEventOpenCompleted |
kCFStreamEventHasBytesAvailable | kCFStreamEventCanAcceptBytes |
kCFStreamEventEndEncountered | kCFStreamEventErrorOccurred;
// Setup stream context - reference to 'self' will be passed to stream event handling callbacks
CFStreamClientContext ctx = {0, self, NULL, NULL, NULL};
// Specify callbacks that will be handling stream events
BOOL doSupportAsync = CFReadStreamSetClient(readStream, registeredEvents, readStreamEventHandler, &ctx);
BOOL doSupportAsync1 = CFWriteStreamSetClient(writeStream, registeredEvents, writeStreamEventHandler, &ctx);
NSLog(@"does supported in Asynchrnous format? : %d :%d", doSupportAsync, doSupportAsync1);
// Schedule streams with current run loop
CFReadStreamScheduleWithRunLoop(readStream, CFRunLoopGetCurrent(), kCFRunLoopDefaultMode);
CFWriteStreamScheduleWithRunLoop(writeStream, CFRunLoopGetCurrent(), kCFRunLoopDefaultMode);
// Open both streams
if ( ! CFReadStreamOpen(readStream) || ! CFWriteStreamOpen(writeStream))
// close the connection
return NO;
return YES;
// call back method for reading
void readStreamEventHandler(CFReadStreamRef stream,CFStreamEventType eventType, void *info)
Connection* connection = (Connection*)info;
[connection readStreamHandleEvent:eventType];
// call back method for writing
void writeStreamEventHandler(CFWriteStreamRef stream, CFStreamEventType eventType, void *info)
Connection* connection = (Connection*)info;
[connection writeStreamHandleEvent:eventType];
`
As above, I have used
CFReadStreamSetProperty(readStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelSSLv3);
CFWriteStreamSetProperty(writeStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelSSLv3);
in order to make a secured connection using sockets.
The url i am using is in the format "ssl://some domain.com"
But in my call back method i am always getting only kCFStreamEventErrorOccurred for CFStreamEventType .
I also tried with the url "https://some domain.com" ,but getting the same error.
i also commented out setting kCFStreamPropertySocketSecurityLevel, but still i am receiving the same error that i mentioned above.
I dont know how it returns the same error. I have followed the api's and docs , but they mentioned the same way of creating a connection as i had given above.
I tried to get the error using the following code :
CFStreamError error = CFWriteStreamGetError(writeStream);
CFStreamErrorDomain errDomain = error.domain;
SInt32 errCode = error.error;
The value for errCode is 61 and errDomain is kCFStreamErrorDomainPOSIX. so i checked out the "errno.h", it specifies errCode as "Connection refused"
I need a help to fix this issue.
If the above code is not the right one,
**(i)how to create a TCP connection with SSL/TLS with the server.**
**(ii)How the url format should be(i.e its "ssl://" or "https://").**
**(iii)If my above code is correct where lies the error.**
I hope the server is working properly. Because I can able to communicate with the server and get the datas properly using BlackBerry and android phones. They have used SecuredConnection api's built in java. Their url format is "ssl://" and also using the same port number that i have used in my code.
Any help would be greatly appreciated.
Regards,
Mohammed Sadiq.

Hello Naxito. Welcome to the Apple Discussions!
Try the following ...
Perform a "factory default" reset of the AX
o (ref: http://docs.info.apple.com/article.html?artnum=108044)
Setup the AX
Connect to the AX's wireless network, and then, using the AirPort Admin Utility, try these settings:
AirPort tab
o Base Station Name: <whatever you wish or use the default>
o AirPort Network Name: <whatever you wish or use the default>
o Create a closed network (unchecked)
o Wireless Security: Not enabled
o Channel: Automatic
o Mode: 802.11b/g Compatible
Internet tab
o Connect Using: Ethernet
o Configure: Manually
o IP address: <Enter your college-provided IP address>
o Subnet mask: <Enter your college-provided subnet mask IP address>
o Router address: <Enter your college-provided router IP address>
o DNS servers: <Enter your college-provided DNS server(s)
o WAN Ethernet Port: Automatic
<b>Network tab
o Distribute IP addresses (checked)
o Share a single IP address (using DHCP & NAT) (enabled)

Broken SSL/TLS SMTP authentication with Outlook Express

Hi All,
I've created two ports for SMTP-Authentication with required SSL/TLS : port 25 and port 587. Everythings work fine on port 25 (both smtp-auth and ssl/tls works).
But when using Outlook Express with port 587, the problems happens:
Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. Account: 'pop.cbn.net.id', Server: 'smtps.cbn.net.id', Protocol: SMTP, Port: 587, Secure(SSL): Yes, Error Number: 0x800CCC0F
I've already disable windows firewall, Desktop Antivirus etc. but still not works.
Does anyone has the same problem? Thank you.

Sorry I'm a little late to the party.
This is a bug in OE. It is attempting to do an SSL negotiation immediately when the connection opens, like what a web browser does for HTTPS connections, rather than using the STARTTLS mechanism to start TLS in the middle of the connection. In other words, it's attempting to use the old, never actually standardized SMTPS protocol if you attempt to do secure SMTP on any port other than 25. When we deployed mandatory SSL/TLS here, we had to deploy an SMTPS server on port 465, just for OE users (our mail relay server is not an IronPort).
SMTPS was never standardized, never even made it past one Internet-Draft. It's allocation of port 465 was later revoked by IANA and reassigned to another protocol. Yet it was treated as gospel by many mail client authors. I refused to support it on our mail server until it became obvious that OE simply wouldn't work otherwise (getting correct STARTTLS operation by using port 25 is not always available because of ISPs doing port 25 blocking). I don't blame IronPort in the least for not supporting it, although it does make this situation harder to resolve.
I have learned to hate OE.

Reporting services with R2 on DPM2012 - Could not establish trust relationship for the SSL/TLS secure channel

Hi everyone,
A somewhat similar question has been asked before by others but none of the answers given has helped me.I am attempting a DPM 2012 installation, which is failing at the "deploying reports" stage.My analysis of logs seems to point me in the direction of an SSL
error, which does not make sense since the configuration files say SSL is disabled (or at least, should be).
Here are the symptoms:
1.I am able to browse http://FQDN/Reports_MSDPM2012 folder from internet explorer
2.I am also able to browse http://FQDN/ReportServer_MSDPM2012 from internet explorer
3.The information given in the logs and relevant config files is shown below:
<<RSREPORTSERVER.CONFIG>>
<ConnectionType>Default</ConnectionType>
<LogonUser></LogonUser>
<LogonDomain></LogonDomain>
<LogonCred></LogonCred>
<InstanceId>MSRS10_50.MSDPM2012</InstanceId>
<InstallationID>{d9b1c335-5842-4a81-9148-79184c38bf09}</InstallationID>
<Add Key="SecureConnectionLevel" Value="0"/>
<Add Key="CleanupCycleMinutes" Value="10"/>
<Add Key="MaxActiveReqForOneUser" Value="20"/>
<Add Key="DatabaseQueryTimeout" Value="120"/>
<Add Key="RunningRequestsScavengerCycle" Value="60"/>
<Add Key="RunningRequestsDbCycle" Value="60"/>
<Add Key="RunningRequestsAge" Value="30"/>
<Add Key="MaxScheduleWait" Value="5"/>
<Add Key="DisplayErrorLink" Value="true"/>
<Add Key="WebServiceUseFileShareStorage" Value="false"/>





<Add Key="WatsonFlags" Value="0x0428"/>
<Add Key="WatsonDumpOnExceptions"
4.The DPM log file still appears to be using SSL even though i used reporting services configuration to remove SSL bindings:
running.Microsoft.Internal.EnterpriseStorage.Dls.Setup.Exceptions.BackEndErrorException: exception ---> Microsoft.Internal.EnterpriseStorage.Dls.Setup.Exceptions.ReportDeploymentException:
exception ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Net.WebException: The underlying connection was closed: Could
not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException:
The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest,
Exception exception)
5:I do have an SCCM site on the default web site used by SMS clients but on different ports
I am stumped.Somebody please give some advice
Thank you

Hi
This is an old post but did you come right?

Solaris 8, pam_ldap and SSL/TLS

Has anyone got the experience of compiling and installing pam_ldap (padl version) with ssl/tls support on Solaris 8? I tried compiling pam_ldap with Netscape LDAP SDK, but it failed to compile ldap_ssl.h . So I am wondering... is that something I can do on solaris 8? (I am using iDS 5.1)
Error received on compilation:
# ./configure with-ldap-lib=netscape5 with-ldap-dir=/ldapsdk
loading cache ../config.cache
checking host system type... sparc-sun-solaris2.8
checking target system type... sparc-sun-solaris2.8
checking build system type... sparc-sun-solaris2.8
checking for a BSD compatible install... ../install-sh -c
checking whether build environment is sane... yes
checking for mawk... no
checking for gawk... no
checking for nawk... nawk
checking whether make sets ${MAKE}... yes
checking for working aclocal... missing
checking for working autoconf... found
checking for working automake... missing
checking for working autoheader... found
checking for working makeinfo... missing
checking for gnutar... no
checking for gtar... no
checking for tar... tar
checking for gcc... gcc
checking whether the C compiler (gcc ) works... yes
checking whether the C compiler (gcc ) is a cross-compiler... no
checking whether we are using GNU C... yes
checking whether gcc accepts -g... yes
checking how to run the C preprocessor... gcc -E
checking for a BSD compatible install... ../install-sh -c
checking for security/pam_appl.h... yes
checking for security/pam_misc.h... no
checking for security/pam_modules.h... yes
checking for pam/pam_appl.h... no
checking for pam/pam_misc.h... no
checking for pam/pam_modules.h... no
checking for des.h... no
checking for crypt.h... yes
checking for lber.h... yes
checking for ldap.h... yes
checking for ldap_ssl.h... yes
checking for main in -ldl... yes
checking for main in -lpam... yes
checking for main in -lresolv... yes
checking for main in -lcrypt... yes
checking for main in -lnsl... yes
checking for gethostbyname... yes
checking for main in -lldap50... yes
checking for main in -lpthread... yes
checking for ldap_init... yes
checking for ldap_get_lderrno... yes
checking for ldap_set_lderrno... yes
checking for ldap_parse_result... yes
checking for ldap_memfree... yes
checking for ldap_controls_free... yes
checking for ldap_set_option... yes
checking for ldap_get_option... yes
checking for ldapssl_init... yes
checking for ldap_start_tls_s... no
checking for ldap_pvt_tls_set_option... no
checking for ldap_initialize... no
checking for gethostbyname_r... yes
checking whether gethostbyname_r takes 6 arguments... 5
checking for ldap_set_rebind_proc... yes
checking whether ldap_set_rebind_proc takes 3 arguments... 3
updating cache ../config.cache
creating ./config.status
creating Makefile
creating config.h
# make
cd . && /padl/pam_ldap-161/missing aclocal
WARNING: `aclocal' is missing on your system. You should only need it if
you modified `acinclude.m4' or `configure.in'. You might want
to install the `Automake' and `Perl' packages. Grab them from
any GNU archive site.
cd . && /padl/pam_ldap-161/missing automake --gnu Makefile
WARNING: `automake' is missing on your system. You should only need it if
you modified `Makefile.am', `acinclude.m4' or `configure.in'.
You might want to install the `Automake' and `Perl' packages.
Grab them from any GNU archive site.
cd . && autoconf
/bin/sh ../config.status --recheck
running /bin/sh ./configure with-ldap-lib=netscape5 with-ldap-dir=/ldapsdk no-create no-recursion
checking build system type... sparc-sun-solaris2.8
checking host system type... sparc-sun-solaris2.8
checking target system type... sparc-sun-solaris2.8
checking for a BSD-compatible install... ../install-sh -c
checking whether build environment is sane... yes
checking for gawk... no
checking for mawk... no
checking for nawk... nawk
checking whether make sets $(MAKE)... yes
checking for working aclocal... missing
checking for working autoconf... found
checking for working automake... missing
checking for working autoheader... found
checking for working makeinfo... missing
checking for gnutar... no
checking for gtar... no
checking for tar... tar
checking for gcc... gcc
checking for C compiler default output... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking how to run the C preprocessor... gcc -E
checking for a BSD-compatible install... ../install-sh -c
checking for egrep... egrep
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... no
checking for unistd.h... yes
checking security/pam_appl.h usability... yes
checking security/pam_appl.h presence... yes
checking for security/pam_appl.h... yes
checking security/pam_misc.h usability... no
checking security/pam_misc.h presence... no
checking for security/pam_misc.h... no
checking security/pam_modules.h usability... no
checking security/pam_modules.h presence... yes
configure: WARNING: security/pam_modules.h: present but cannot be compiled
configure: WARNING: security/pam_modules.h: check for missing prerequisite headers?
configure: WARNING: security/pam_modules.h: proceeding with the preprocessor's result
configure: WARNING: ## ------------------------------------ ##
configure: WARNING: ## Report this to [email protected]. ##
configure: WARNING: ## ------------------------------------ ##
checking for security/pam_modules.h... yes
checking pam/pam_appl.h usability... no
checking pam/pam_appl.h presence... no
checking for pam/pam_appl.h... no
checking pam/pam_misc.h usability... no
checking pam/pam_misc.h presence... no
checking for pam/pam_misc.h... no
checking pam/pam_modules.h usability... no
checking pam/pam_modules.h presence... no
checking for pam/pam_modules.h... no
checking des.h usability... no
checking des.h presence... no
checking for des.h... no
checking crypt.h usability... yes
checking crypt.h presence... yes
checking for crypt.h... yes
checking lber.h usability... yes
checking lber.h presence... yes
checking for lber.h... yes
checking ldap.h usability... yes
checking ldap.h presence... yes
checking for ldap.h... yes
checking ldap_ssl.h usability... no
checking ldap_ssl.h presence... yes
configure: WARNING: ldap_ssl.h: present but cannot be compiled
configure: WARNING: ldap_ssl.h: check for missing prerequisite headers?
configure: WARNING: ldap_ssl.h: proceeding with the preprocessor's result
configure: WARNING: ## ------------------------------------ ##
configure: WARNING: ## Report this to [email protected]. ##
configure: WARNING: ## ------------------------------------ ##
checking for ldap_ssl.h... yes
checking for main in -ldl... yes
checking for main in -lpam... yes
checking for main in -lresolv... yes
checking for main in -lcrypt... yes
checking for main in -lnsl... yes
checking for gethostbyname... yes
checking for main in -lldap50... yes
checking for main in -lpthread... yes
checking for ldap_init... yes
checking for ldap_get_lderrno... yes
checking for ldap_set_lderrno... yes
checking for ldap_parse_result... yes
checking for ldap_memfree... yes
checking for ldap_controls_free... yes
checking for ldap_set_option... yes
checking for ldap_get_option... yes
checking for ldapssl_init... yes
checking for ldap_start_tls_s... no
checking for ldap_pvt_tls_set_option... no
checking for ldap_initialize... no
checking for gethostbyname_r... yes
checking whether gethostbyname_r takes 6 arguments... 5
checking for ldap_set_rebind_proc... yes
checking whether ldap_set_rebind_proc takes 3 arguments... 3
configure: creating ../config.status
cd . \
&& CONFIG_FILES=Makefile CONFIG_HEADERS= /bin/sh ./config.status
config.status: creating Makefile
config.status: executing default-1 commands
gcc -DHAVE_CONFIG_H -DLDAP_REFERRALS -D_REENTRANT -I/ldapsdk/include -g -O2 -Wall -fPIC -c -o pam_ldap.o pam_ldap.c
gcc -DHAVE_CONFIG_H -DLDAP_REFERRALS -D_REENTRANT -I/ldapsdk/include -g -O2 -Wall -fPIC -c -o md5.o md5.c
/usr/ccs/bin/ld -o pam_ldap.so -B dynamic -M ../exports.solaris -G -B group -lc -L/ldapsdk/lib -R/ldapsdk/lib pam_ldap.o md5.o -lpthread -lldap50 -lssldap50 -lssl3 -lnss3 -lnspr4 -lprldap50 -lplc4 -lplds4 -lnsl -lcrypt -lresolv -lpam -ldl
cd . && autoheader
WARNING: Using auxiliary files such as `acconfig.h', `config.h.bot'
WARNING: and `config.h.top', to define templates for `config.h.in'
WARNING: is deprecated and discouraged.
WARNING: Using the third argument of `AC_DEFINE' and
WARNING: `AC_DEFINE_UNQUOTED' allows to define a template without
WARNING: `acconfig.h':
WARNING: AC_DEFINE([NEED_MAIN], 1,
WARNING: [Define if a function `main' is needed.])
WARNING: More sophisticated templates can also be produced, see the
WARNING: documentation.
cd . \
&& CONFIG_FILES= CONFIG_HEADERS=config.h \
/bin/bash ../config.status
config.status: creating config.h
config.status: executing default-1 commands

Has anyone got the experience of compiling and installing pam_ldap (padl version) with ssl/tls support on Solaris 8? I tried compiling pam_ldap with Netscape LDAP SDK, but it failed to compile ldap_ssl.h . So I am wondering... is that something I can do on solaris 8? (I am using iDS 5.1)
Error received on compilation:
# ./configure with-ldap-lib=netscape5 with-ldap-dir=/ldapsdk
loading cache ../config.cache
checking host system type... sparc-sun-solaris2.8
checking target system type... sparc-sun-solaris2.8
checking build system type... sparc-sun-solaris2.8
checking for a BSD compatible install... ../install-sh -c
checking whether build environment is sane... yes
checking for mawk... no
checking for gawk... no
checking for nawk... nawk
checking whether make sets ${MAKE}... yes
checking for working aclocal... missing
checking for working autoconf... found
checking for working automake... missing
checking for working autoheader... found
checking for working makeinfo... missing
checking for gnutar... no
checking for gtar... no
checking for tar... tar
checking for gcc... gcc
checking whether the C compiler (gcc ) works... yes
checking whether the C compiler (gcc ) is a cross-compiler... no
checking whether we are using GNU C... yes
checking whether gcc accepts -g... yes
checking how to run the C preprocessor... gcc -E
checking for a BSD compatible install... ../install-sh -c
checking for security/pam_appl.h... yes
checking for security/pam_misc.h... no
checking for security/pam_modules.h... yes
checking for pam/pam_appl.h... no
checking for pam/pam_misc.h... no
checking for pam/pam_modules.h... no
checking for des.h... no
checking for crypt.h... yes
checking for lber.h... yes
checking for ldap.h... yes
checking for ldap_ssl.h... yes
checking for main in -ldl... yes
checking for main in -lpam... yes
checking for main in -lresolv... yes
checking for main in -lcrypt... yes
checking for main in -lnsl... yes
checking for gethostbyname... yes
checking for main in -lldap50... yes
checking for main in -lpthread... yes
checking for ldap_init... yes
checking for ldap_get_lderrno... yes
checking for ldap_set_lderrno... yes
checking for ldap_parse_result... yes
checking for ldap_memfree... yes
checking for ldap_controls_free... yes
checking for ldap_set_option... yes
checking for ldap_get_option... yes
checking for ldapssl_init... yes
checking for ldap_start_tls_s... no
checking for ldap_pvt_tls_set_option... no
checking for ldap_initialize... no
checking for gethostbyname_r... yes
checking whether gethostbyname_r takes 6 arguments... 5
checking for ldap_set_rebind_proc... yes
checking whether ldap_set_rebind_proc takes 3 arguments... 3
updating cache ../config.cache
creating ./config.status
creating Makefile
creating config.h
# make
cd . && /padl/pam_ldap-161/missing aclocal
WARNING: `aclocal' is missing on your system. You should only need it if
you modified `acinclude.m4' or `configure.in'. You might want
to install the `Automake' and `Perl' packages. Grab them from
any GNU archive site.
cd . && /padl/pam_ldap-161/missing automake --gnu Makefile
WARNING: `automake' is missing on your system. You should only need it if
you modified `Makefile.am', `acinclude.m4' or `configure.in'.
You might want to install the `Automake' and `Perl' packages.
Grab them from any GNU archive site.
cd . && autoconf
/bin/sh ../config.status --recheck
running /bin/sh ./configure with-ldap-lib=netscape5 with-ldap-dir=/ldapsdk no-create no-recursion
checking build system type... sparc-sun-solaris2.8
checking host system type... sparc-sun-solaris2.8
checking target system type... sparc-sun-solaris2.8
checking for a BSD-compatible install... ../install-sh -c
checking whether build environment is sane... yes
checking for gawk... no
checking for mawk... no
checking for nawk... nawk
checking whether make sets $(MAKE)... yes
checking for working aclocal... missing
checking for working autoconf... found
checking for working automake... missing
checking for working autoheader... found
checking for working makeinfo... missing
checking for gnutar... no
checking for gtar... no
checking for tar... tar
checking for gcc... gcc
checking for C compiler default output... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking how to run the C preprocessor... gcc -E
checking for a BSD-compatible install... ../install-sh -c
checking for egrep... egrep
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... no
checking for unistd.h... yes
checking security/pam_appl.h usability... yes
checking security/pam_appl.h presence... yes
checking for security/pam_appl.h... yes
checking security/pam_misc.h usability... no
checking security/pam_misc.h presence... no
checking for security/pam_misc.h... no
checking security/pam_modules.h usability... no
checking security/pam_modules.h presence... yes
configure: WARNING: security/pam_modules.h: present but cannot be compiled
configure: WARNING: security/pam_modules.h: check for missing prerequisite headers?
configure: WARNING: security/pam_modules.h: proceeding with the preprocessor's result
configure: WARNING: ## ------------------------------------ ##
configure: WARNING: ## Report this to [email protected]. ##
configure: WARNING: ## ------------------------------------ ##
checking for security/pam_modules.h... yes
checking pam/pam_appl.h usability... no
checking pam/pam_appl.h presence... no
checking for pam/pam_appl.h... no
checking pam/pam_misc.h usability... no
checking pam/pam_misc.h presence... no
checking for pam/pam_misc.h... no
checking pam/pam_modules.h usability... no
checking pam/pam_modules.h presence... no
checking for pam/pam_modules.h... no
checking des.h usability... no
checking des.h presence... no
checking for des.h... no
checking crypt.h usability... yes
checking crypt.h presence... yes
checking for crypt.h... yes
checking lber.h usability... yes
checking lber.h presence... yes
checking for lber.h... yes
checking ldap.h usability... yes
checking ldap.h presence... yes
checking for ldap.h... yes
checking ldap_ssl.h usability... no
checking ldap_ssl.h presence... yes
configure: WARNING: ldap_ssl.h: present but cannot be compiled
configure: WARNING: ldap_ssl.h: check for missing prerequisite headers?
configure: WARNING: ldap_ssl.h: proceeding with the preprocessor's result
configure: WARNING: ## ------------------------------------ ##
configure: WARNING: ## Report this to [email protected]. ##
configure: WARNING: ## ------------------------------------ ##
checking for ldap_ssl.h... yes
checking for main in -ldl... yes
checking for main in -lpam... yes
checking for main in -lresolv... yes
checking for main in -lcrypt... yes
checking for main in -lnsl... yes
checking for gethostbyname... yes
checking for main in -lldap50... yes
checking for main in -lpthread... yes
checking for ldap_init... yes
checking for ldap_get_lderrno... yes
checking for ldap_set_lderrno... yes
checking for ldap_parse_result... yes
checking for ldap_memfree... yes
checking for ldap_controls_free... yes
checking for ldap_set_option... yes
checking for ldap_get_option... yes
checking for ldapssl_init... yes
checking for ldap_start_tls_s... no
checking for ldap_pvt_tls_set_option... no
checking for ldap_initialize... no
checking for gethostbyname_r... yes
checking whether gethostbyname_r takes 6 arguments... 5
checking for ldap_set_rebind_proc... yes
checking whether ldap_set_rebind_proc takes 3 arguments... 3
configure: creating ../config.status
cd . \
&& CONFIG_FILES=Makefile CONFIG_HEADERS= /bin/sh ./config.status
config.status: creating Makefile
config.status: executing default-1 commands
gcc -DHAVE_CONFIG_H -DLDAP_REFERRALS -D_REENTRANT -I/ldapsdk/include -g -O2 -Wall -fPIC -c -o pam_ldap.o pam_ldap.c
gcc -DHAVE_CONFIG_H -DLDAP_REFERRALS -D_REENTRANT -I/ldapsdk/include -g -O2 -Wall -fPIC -c -o md5.o md5.c
/usr/ccs/bin/ld -o pam_ldap.so -B dynamic -M ../exports.solaris -G -B group -lc -L/ldapsdk/lib -R/ldapsdk/lib pam_ldap.o md5.o -lpthread -lldap50 -lssldap50 -lssl3 -lnss3 -lnspr4 -lprldap50 -lplc4 -lplds4 -lnsl -lcrypt -lresolv -lpam -ldl
cd . && autoheader
WARNING: Using auxiliary files such as `acconfig.h', `config.h.bot'
WARNING: and `config.h.top', to define templates for `config.h.in'
WARNING: is deprecated and discouraged.
WARNING: Using the third argument of `AC_DEFINE' and
WARNING: `AC_DEFINE_UNQUOTED' allows to define a template without
WARNING: `acconfig.h':
WARNING: AC_DEFINE([NEED_MAIN], 1,
WARNING: [Define if a function `main' is needed.])
WARNING: More sophisticated templates can also be produced, see the
WARNING: documentation.
cd . \
&& CONFIG_FILES= CONFIG_HEADERS=config.h \
/bin/bash ../config.status
config.status: creating config.h
config.status: executing default-1 commands

Solaris 8 on IA with Promise Ultra100

Hello,
i'm a newbie and i have an installation problem.
How can i install Solaris 8 on IA with a
promise ultra100 controller-card.
Can everyone help me?
T. Wrobel

That doesn't work because there's no solaris driver
for the promise ide controller (these promise ide
controllers are not 100% pci-ide compliant and need
special driver support). Ask promise for such a
solaris driver.
Most mainboards come with a PCI-IDE compliant
controller on the mainboard's chipset. Connect the
hard disk drive to that controller and solaris can
use the disk drive.

Solaris 10 on 280R with A1000

We have loaded solaris 10 ( 3/05) on our server i.e. Sunfire 280R with A1000 storage connected to it thru SCSI cable. We have addon SCSI card installed in server. Our A1000 is having only one controller.
Afterthat we have loaded sun storage RAID Manager 6.22 software to configure A1000 , we have made slices using RAID 5 & using RM6 utility. While rebooting the server we are getting following two errors & keeps scrolling on screen for about 10 minutes , though we are able to access A1000;
1. Warning : mod_load : cannot load module 'rdriver'
2. /kernel/drv/spark9/rdriver:undefined symbol 'dev_get_dev_info'
Is any solution to above errors? Is any patch / upgrade / firmware etc for above errors ?
Will it recommended to upgrade to solaris 10 or continue with solaris 9. we are using this as a database server with oracle 10G.

FYI, I think Sun discontinued support for the A1000 h/w in Solaris 10... should be documented.
I only mention this in case you want to have Sun support help you... if it works fine, I generally wouldn't worry. But it is a production system, I might have second thoughts about using Solaris 10 with unsupported h/w.
My $.02, YMMV.
David Strom

Solaris 10 DS5.2Q4 with SSL/TLS with Replicaton

Similar Messages

Maybe you are looking for