Sun DSEE and LDAP C Client

Hi All,
I have installed Sun Java System Directory Server Enterprise Edition
(DSEE) 6.1 on Red Hat Enterprise Linux Release 4 Update 3. Now I will
be developing an LDAP client application using C++ programming
language.
My question is should the client application be written using the
client library distributed by Sun themselves? Or can I develop the
LDAP client application using any (eg. OpenLDAP) LDAP client
library?
Any help on this much appreciated.
Thank you.
Rgds,
anna

My question is should the client application be
written using the
client library distributed by Sun themselves? Or can
I develop the
LDAP client application using any (eg. OpenLDAP) LDAP
client
library?Sun Directory Server works well with either flavor, so you can use whichever you prefer for your application.

Similar Messages

  • DSEE 6.3.1 client and server SMF problem

    Hi,
    I have installed DSEE 6.3.1 from the ZIP distribution. I used the manifest template /opt/SUNWdsee/ds6/install/tmpl_smf.manifest to add DSEE to the SMF. I have successfully bound the machine to be an ldap client of itself.
    My problem is that network/ldap/client and application/sun/ds seem to come up in the wrong order at boot time. This makes network/ldap/client transition to maintainence eventually even though DSEE will eventually come up. My modifications to tmpl_smf.manifest were very basic (changing %%%INSTALL_PATH%%% and changing the start and stop invocations to point directly at my instance).
    Is there something I can do to get these two services to come up in the other order?
    Thanks,
    Ian.

    I had some luck figuring this out, I added the following dependency to network/ldap/client (/var/svc/manifest/network/ldap/client.xml)
    <dependency
    name='ds'
    grouping='require_all'
    restart_on='none'
    type='service'>
    <service_fmri value='svc:/application/sun/ds' />
    </dependency>
    Unfortunately this created a dependency loop in SMF because (following the advice in http://docs.sun.com/app/docs/doc/820-0376/dps?a=view for correcting bug 6542857) I had added the following lines to my dsee.manifest
    + <dependency name="nameservice" grouping="require_all" \
    + restart_on="none" type="service">
    + <service_fmri value="svc:/milestone/name-services"/>
    + </dependency>
    I removed these lines and imported the service config again and now DSEE and ldap/client come up in the correct order.
    If there is a better way to do any of this I would be very interested to hear it.

  • Migrating Linux shadow-file MD5 passwords to Sun DSEE for Solaris/SunMail

    Hello all,
    We are about to undertake migration of an outdated mail server based on RedHat 7.2 and Sendmail/ipop3d to Sun Messaging Server (JCS6u2). While the filesystem/mail are not a problem, we're stuck at the question of how to best migrate old users' identities.
    The old Linux system used user names and password hashes stored in /etc/passwd and /etc/shadow files. Hashes are mostly MD5 and a few seem like crypt.
    Question is: are there known incompatibilities between password hashes (algorithms, expected format) in Linux and Sun products - Solaris/DSEE/SunMail?
    That is, if we just take strings like these:
    usemd5:$1$Wu7IqFT5$TeUht3OMdeSSBB3Vab4dB.:11262:0:::::134540116
    usecrypt:DD2kEwCD8nies:10220::::::
    Can we simply place the second column as the userPassword attribute in Sun DSEE and expect that users would be able to log in to LDAP-enabled Solaris and Sun Mail with their old passwords knownst only to them?
    If not, is there some simple modification/translation of such hashes to a format accepted by Sun products?
    Or are these formats/algorithms known to be incompatible somehow in a fatal manner, so our only option would be generation of new passwords for Sun DSEE and its clients?
    Thanks,
    //Jim

    Just to reclarify or throw more information:
    a password - cleartext value - testuser1 has 32-digit HEX value as - 41da76f0fc3ec62a6939e634bfb6a342
    Same password when converted to Base64 pattern becomes - Qdp28Pw+xippOeY0v7ajQg==
    But when I use pwdhash utility in DSE after configuring CRYPT to use MD5 hashes it becomes -
    {crypt}$md5$$LiB/H70zXr3xfQPoXVuUQ1
    I used below command :
    pwdhash -D /opt/SUNWdsee/dsee6/ds6/slapd-oha-dev -s CRYPT testuser1
    Actual hash value of pwdhash is -LiB/H70zXr3xfQPoXVuUQ1 with rest of the prefix is to meet RFC standard and salt and algo name separator.
    I am wondering if Sun MD5 default uses any salt even when I haven't used or DS does it. Or if any other MD5 option is there which can be used.
    Thanks,
    Gaurav

  • Sun Ray server software and Sun DSEE

    I want to have a centralized user administration in the latest sun java 7 directory server. i want to set up the system in that the users of the sun ray thin clients will be authenticated from
    the DSEE. Please assist me in how to make this work.

    Basically, you Sun Ray server must be an LDAP client: it must be set up so that when logging in, it actually authenticates users against DSEE.
    DSEE can be installed on the same host as the Sun Ray server, but it's not a requirement. On the contrary, in such a case, you've got to be
    careful in the start order of services at boot time. So the easiest way is to have DSEE and the Sun Ray server on separate machines.
    How to configure both servers is explained here: http://download.oracle.com/docs/cd/E18752_01/html/816-4556/ldapsetup-1.html
    Or at least, it's a good starting point.

  • XI 3.1 Client Tools and LDAP Authentication

    I have Business Objects XI 3.1 SP2 installed.  For the web clients (InfoView) single sign on and LDAP authentication are working correctly.  However when a user tries to log in using LDAP authentication to one of the client tools (Universe Designer, Webi Rich Client, etc) the error "Cannot access the repository (USR0013)" occurs with the following details:
    [repo_proxy 13] SessionFacade::openSessionLogon with user info has failed(Security plugin error: Failed to set parameters on plugin.(hr=#0x80042a01)
    Are there troubleshooting or setup guides dealing specifically with LDAP authentication with the various client tools?

    Make sure that the File and Printer Sharing for Microsoft Networks component is installed and enabled on your clients.
    Take a look at note 1272536 (http://service.sap.com/notes)
    Regards,
    Stratos

  • SUN DSEE 6.2 vs Fedora DS 1.1 performance comparison

    Hi all,
    I've just discovered a nice tool from SUN about performance analysis for ldap servers named SLAMD (http://www.slamd.com)
    So I configured it and tried to analyze my servers. I've setup one SUN DSEE 6.2 and one Fedora DS 1.1
    in my workstation. Both of them being populated with the same data (160 sample entries from sun) and using the same file descriptors.
    My workstation is running fedora 8, Core(TM)2 Duo CPU E6550 @ 2.33GHz / 2 GB ram.
    I did a couple of tests but all of them had the same search filters
    Entry DN           ou=people,dc=example,dc=com
    Search Filter           objectClass=*
    Attribute(s) to Compare/Modify      Add Operation Frequency           3
    Compare Operation Frequency           7
    Delete Operation Frequency           4
    Modify Operation Frequency           4
    Modify RDN Operation Frequency           1
    Search Operation Frequency           10      description
    I will give the results of my final test which lasted 240 seconds / 200 threads from one client
    DS Overall Operations (Average/sec)
    SUN *35,858*
    Fedora *304,867*
    It seems to me there is a huge difference! I didn't expect to get such numbers. To tell you the truth
    I expected SUN DS to be much faster that Fedora DS instead of being *10 times slower*.
    Furthermore while running the test on the Fedora DS the system got a max load of around 7-8 which implied that the system
    worked hard to perform the test (CPU always at 100%).
    On the other hand while running the SUN DS test, the system never got load more that 1 (cpu not more that 22%).
    It was like the SUN DS was capable to do better but it was never bothered. I played with indexes, file descriptors, number of threads without
    any significant change of performance.
    I'm sure SUN DS can do better. So I'm looking for thoughts on the subject as well as performance tunning/optimization documentation.
    Is the resource kit also available for 6.2 or is it just for SUN ONE server?
    regards
    Giannis

    Giannis,
    Giving raw performance numbers doesn't mean anything unless you also provide the details of the data in your directory server, the settings and the exact tests performed (if it's a slamd standard job, give its name).
    Slamd contains many jobs that are doing many different things leading to completely different numbers in term of operations per second.
    This said, the numbers you show are puzzling me : SUN 35,858 vs Fedora 304,867 (Operations / Second) ?
    I assume the , is the unit separator (and not like in the US the separator between thousands and hundreds).
    If so, there is definitely something badly configured on Sun DS and/or Slamd.
    Regards,
    Ludovic.

  • Jabber for Windows and Ldap Contacts without CUPC license

    Dear Sr:
    It is possible to add a user on ldap as a jabber contact WITHOUT assigning a CUPC license to the user?
    The idea is that some users on the ldap don't have jabber but we should be able to add them as a contact AND we dont want to use jabber licenses for those users or have Presence server to load balance those users.
    We can add Microsoft contact as jabber contact with no issues...
    Thanks 

    LDAP Authentication of End Users in CUCM is strongly recommended for CUPC/Jabber. When you login to CUPC/Jabber it authenticates against CUCM. If LDAP doesn't have the same password (i.e. CUCM isn't synced from LDAP) the client won't be able to do LDAP queries if using BDI. This is because it re-uses the same credentials when it attempts to bind to LDAP. If Jabber is configured for EDI, which is only even possible on Jabber for Windows running on domain-joined workstations, then this is not as critical since it would use the Windows ADSI API in the context of the logged-in user. Using EDI exclusively would rule out Jabber for Mac, iOS, Android, and Windows on a non-domain joined workstation though.
    As for usernames: You can continue to use employeeNumber if you wish. You'll need to ensure that the jabber-config.xml file maps the username to this value for everything to work. Note that this will be their XMPP URI: [email protected] so be sure that you're comfortable with employee numbers being public.
    Please remember to rate helpful responses and identify helpful or correct answers.

  • Problem with ADS and LDAP

    Problem with ADS and LDAP
    I have installed Win2000 + sp1 and ADS on a computer. This computer is PDC.
    After connection via LDAP I cann't get any object ( users or goups etc. ).
    I try connect to ADS by java ( JNDI ).
    When I use another clients of LDAP ( eg. Maxware Directory Explorer) I have
    the same problem - no objects.
    Can anybody help me?
    Grzegorz Pszona
    my e-mail: [email protected]

    Thanks a lot.
    Softerra's browser is really good.
    Thanks
    Rashmi
    "Anant Kadiyala" <[email protected]> wrote:
    >
    I used Softerra's LDAP browser. The browser is free. There is also a
    java baded
    LDAP browser from Univ of Michigan. I found the Softerra browser to be
    more easier
    to use.
    -anant
    "rashmi" <[email protected]> wrote:
    Hi,
    Can you please let me know which exact ADS tool that you used to examine
    the
    DN. I have Active Directory Users and Computers, Sites and Servicesand
    Domain
    and Trusts installed on my machine but I am not able to figure out how
    to get
    the DN?
    Thanks
    Rashmi
    for Stephen Davies <[email protected]> wrote:
    Grzegorz,
    I have had WLS6.1 & ADS working ok using LDAP V2. Mind you it did take
    a
    fair bit of messing around to get it going. MS does have a few oddities,
    for example the Administrators DN might look something like this:
    cn=Administrator,cn=Users,dc=eglobal,dc=net
    One tool that I found invaluable came with the additional support tools
    for Windows 2000. The 'Active Directory Administration Tool' made it
    easy to list the directory contents and examine the DNs.
    Regards,
    Steve
    Stephen Davies
    Principal Consultant
    eGlobal Services Pty. Ltd.
    Sydney, Australia
    Ph. +61 2 9283 1033
    http://www.eglobal.net/

  • BO XI 3.1 SP3 SSO with CMC and Webi Rich Client

    Hello,
    Is it possible in BO XI 3.1 SP3 to use SSO with CMC and Webi Rich Client ?
    It works fine with InfoView, Designer and Desktop Intelligence.
    Regards

    Hi,
    What kind of SSO authentication are you trying to set up? (AD, LDAP,...)
    I think it's AD regarding your command line.
    But be aware that in SSO, you don't need to configure the command line to run the client.
    Have a look at the following guide.
    [Configuring Manual Kerberos Authentication and-or SSO in Distributed Environments with XI 3.1 SP3.pdf|https://bosap-support.wdf.sap.corp/sap/support/sapnotes/public/services/attachment.htm?iv_key=002007204200000183782010&iv_version=0005&alt=2BCE4CB10DF674B172F4F3F7B32A284F49333135358877720E883731B332AF34CACD2AB52C0A2C8DCACA09084EF4CB494E4E0F2ECE8E2F89772908C9CE70CD2DF77675F7F2D1750C09514BCECFCFCE4C8DCF4BCC4DB5F575F4F4F3F57771F571F6F70B01B25D83D4120B0A722092A599504EB16D715E3E00&iv_guid=DF838310BFAAE8F1B486001A64C54696]
    Regarding accessing CMC with SSO, it's not recomended at all as if you break this access, than you can't connect anymore to the CMC and modify settings.
    Regards,
    Philippe
    Edited by: Philippe Tavares on Feb 15, 2011 4:11 PM

  • Single sign-on using Kerberos and Ldap

    I am currently setting up single sign-on using Kerberos for authentication and Ldap for authorization and information store.
    The setup includes several Solaris 8 & 9 workstations, a couple of SGI's, as well as a M$ terminal server farm, several WinXP desktops and their associated Active Directory.
    I am required to authenticate etc against the AD. (which has M$ SFU3.5 installed)
    I have the Kerberos authentication and part of the Ldap service working via pam & nss.
    ie. I can logon to the solaris worksatations using the AD username and password, mount the home directory from a M$ NFS server.
    BUT...
    id gives:- userID, groupID (primary group only)
    groups :- primary group only. (no secondary groups are listed)
    Question: what additional configuration information do I need in the pam, nss &/or ldap config files, so that I can list the secondary groups.
    Thanks in advance for any help.

    After evaluating (giving up on, and finally throwing out) the Sun Directory server it looks like we are going to endup with a similar solution..
    Sadly enough, the MS AD seems much more stable and easier to handle than Suns DS, kerberos and associated services.
    Anyway, currently we are evaluating a product called vintela ( www.vintela.com ), and it seems very promising; its easy, robust, stable and does what we require it to do, as well as more :) It comes with an additional nss module called 'vas', so you easily can retrieve data like hosts/groups from your AD.
    //M.

  • Oracle Workflow Server in a SUN machine; and the Oracle

    Hi All
    I have installed Oracle Workflow Server in a SUN machine; and the Oracle
    Workflow Client (Builder) in a WIN2000 machine.
    In the SUN machine, I already had installed Oracle9i and OMS (Oracle
    Management Server) version 9.2.0.1.0.
    In the WINDOWS 2000 machine, I already had installed the Oracle9i
    Client and the OWB (Oracle Warehouse Builder) version 9.0.3.35.0. Workflow
    Builder
    was installed together with Oracle Client components.
    I have a OWB (Oracle Warehouse Builder) project, and I deploy and schedule
    JOBS in OEM.
    Now I need Oracle Workflow in order to better ordering, manage and schedule
    that jobs.
    I'm reading the following documentation:
    Oracle Workflow Guide (Release 2.6.2)
    http://www.csis.gvsu.edu/GeneralInfo/Oracle/workflow.920/a95265.pdf But I think Oracle Workflow is very complex to learn quickly.
    My OWB Project has several mappings that load tables in a Data Warehouse.
    When I deploy these mappings one by one, in OEM, I can execute them in OEM
    and they work well.
    But when I use the Workflow Deployment Wizard, I create a new Workflow
    Project (Item type and Process).
    But I can't Launch this process. I go to Launch Process in Workflow page
    (http://:/pls//) but when I iniciate the project,
    it stops in the OWB Standard Begin Function. It does not go ahead.
    Well, when I use the Workflow Deployment Wizard inside OWB, it generates
    jobs that can
    be viewed inside OEM (Oracle Enterprise Manager) too. But when I submit
    these jobs, I can't get success too.
    Can somebody help me? May you guide me in order to solve my problem, or send
    me some
    documents or links about workflow, and it's integration with OWB and OEM?
    Best regards

    I think this might be more of an OWB question, and how OWB uses workflow, I have sent an email internally to try and get someone to responsd. You should also consider contacting Oracle Support if you are having these kinds of problems.
    Hi All
    I have installed Oracle Workflow Server in a SUN machine; and the Oracle
    Workflow Client (Builder) in a WIN2000 machine.
    In the SUN machine, I already had installed Oracle9i and OMS (Oracle
    Management Server) version 9.2.0.1.0.
    In the WINDOWS 2000 machine, I already had installed the Oracle9i
    Client and the OWB (Oracle Warehouse Builder) version 9.0.3.35.0. Workflow
    Builder
    was installed together with Oracle Client components.
    I have a OWB (Oracle Warehouse Builder) project, and I deploy and schedule
    JOBS in OEM.
    Now I need Oracle Workflow in order to better ordering, manage and schedule
    that jobs.
    I'm reading the following documentation:
    Oracle Workflow Guide (Release 2.6.2)
    http://www.csis.gvsu.edu/GeneralInfo/Oracle/workflow.920/a95265.pdf But I think Oracle Workflow is very complex to learn quickly.
    My OWB Project has several mappings that load tables in a Data Warehouse.
    When I deploy these mappings one by one, in OEM, I can execute them in OEM
    and they work well.
    But when I use the Workflow Deployment Wizard, I create a new Workflow
    Project (Item type and Process).
    But I can't Launch this process. I go to Launch Process in Workflow page
    (http://:/pls//) but when I iniciate the project,
    it stops in the OWB Standard Begin Function. It does not go ahead.
    Well, when I use the Workflow Deployment Wizard inside OWB, it generates
    jobs that can
    be viewed inside OEM (Oracle Enterprise Manager) too. But when I submit
    these jobs, I can't get success too.
    Can somebody help me? May you guide me in order to solve my problem, or send
    me some
    documents or links about workflow, and it's integration with OWB and OEM?
    Best regards

  • How to config messaging 5.2 and ldap 5.2 with smtp auth?

    Hello.
    I want to config smtp auth for msg 5.2 and ldap 5.2.
    How to step of work.
    I config follow admin guide but it not work.
    Please help me and advice me.

    For your internal clients to be authenticated,
    replace "mustsaslserver" instead of "maysaslserver" in tcp_intranet channel on your imta.cnf file. Then all clients connecting from your internal IPs (listed on your mappings file) will be authenticated.
    Add the below two parameters for messenger express users to use the same system.
    configutil -o local.service.http.smtpauthuser -v "store admin user name"
    configutil -o local.service.http.smtpauthpassword -v "store admin password"
    All other external smtp connections (MX pointed) are not authenticated since they are directed to tcp_local channel.

  • SUN ray and windows License

    Hi,
    I want to use sun ray solution with 100 windows client. can someone tell me which is the best license solution. i mean , should I go with windows terminal license or vmare solution.
    if you can please explain me about the vmare solution and benefits.
    thanks
    rajesh

    Well to be honest; we don't currently have someone here with full SUN knowledge that can answer that. I am a Windows administrator and trying to find all the applications and appliances whether they are compatible with AD 2008 R2 level. If the Sun Ray and V210 don't have an AD link/integration, that is then actually good news.
    Olaf

  • Directory server and ldap TLS on windows platform

    Any body, tested "sun directory server" and "ldap tls" on windows platform"??? cause I tried it, and I cant established a secure connection. On other platform, and I speack about solaris 9, evry thing is ok. Some comments??

    It's a rather unusual way to use attribute subtypes. You may be able to do something with the mapping engine in DPS - I'll wait for Sylvain or someone else who knows DPS really well to answer that. But from the perspective of the information model, I have some doubts about this approach. For instance, what happens if you have multiple subtypes on a single-valued attribute?
    Usually, for example, if there is a "preferred" common name as opposed to some other common names, it would be modeled in an entirely different attribute type, such as "preferredName". The subtypes are almost exclusively used for language specification nowadays. That's another question - what happens if you ever need to store multiple languages in your Directory?
    Do you know of anyone else who is using this kind of information model in their Directory?

  • Upgrade 32–bit Sun DSEE Server Instances with 64-bit RHEL 4.6?

    I want to update 32–bit Sun DSEE Server Instances with 64-bit RHEL 4.6 to 64-bit ODSEE 11.1.1.5.0 with 64-bit RHEL 4.6.
    Thanks

    But it will be on the same physical machine or on a separate server? How big will be the DB?
    Will be in the same topology? Separate topologies?
    If you can afford some downtime and you've got different machines, you could plan a 'cold' migration:
    - Stop the old DS instance
    - Export to LDIF with NO REPLICA INFORMATION (this will also clean up a bit the DB!)
    - Copy schema and indexes definition from source to target environment.
    - Import from LDIF to the new DS topology
    After that you'll have to tune the new environment, in terms of memory , entry cache, indexes, etc...
    HTH,
    Maco

Maybe you are looking for