Sun Java Directory server 6.3.1

Hello,
Anyone with knowledge to configure mail aliases in LDAP especially in Sun java directory server 6.x? I have already created the container ou=aliases
The problem is i get the below error when I install LDAP client on a server:
+Apr 23 18:32:00 Server1 sendmail[10032]: [ID 801593 mail.crit] n3NHW0HC010032: SYSERR(root): ldap_init/ldap_bind failed to localhost in map aliases.ldap: Can't connect to the LDAP server+
I found that I dont have aliases not configured in LDAP, the mail host sits on a different server. Other than this my client works perfectly over SSL
Thanks in advance
sys

Sys
SOrry but this looks to me like you have serveral problems. Most of them are Sendmail related. Maybe it would be a better idea to ask in a sendmail forum instead of a Directory server forum. Since you have not posted any configs I can not more than speculate. Here are my guesses:
Apr 29 11:58:21 server1 sendmail[3138]: [ID 801593 mail.info] n3TAwKaC003138: n3TAwKaD003138: return to sender: Host unknown (Name server: mailhost.xxxx.com: host not found)if mailhost.xxxx.com is an existing host then I guess you have a problem with DNS resolution. Are you able to resolve hosts other than those related to this case or infrastructure (eg. can you resolve www.google.com)? If not then you should have a look at /etc/resolv.conf. There shold be a series of nameserver lines followed by the IP-Addresses of the nameservers (Important: IPs . not names). Another source of error could be found in the "hosts:" line in /etc/nsswitch.conf (it ususally reads "hosts: files dns").
Apr 29 12:04:22 server1 sendmail[3219]: [ID 801593 mail.crit] n3TB4Muk003218: SYSERR(root): ldap_init/ldap_bind failed to localhost in map aliases.ldap: Can't connect to the LDAP serverNow this means your sendmail is trying to connect to an LDAP Directory on the same host to resolve aliases. If the port is correct you might find in the <instance_root>/logs/access file further details about what the sendmail server tried and why it failed. If there is no entry in the access log this would mean that there is no LDAP-Server listening on the port sendmail connects to. Fact is that somewhere you "told" sendmail to connect to the ldap server and it is failing to do so.
Apr 29 12:04:22 server1 sendmail[3219]: [ID 801593 mail.alert] n3TB4Muk003219: Losing ./qfn3TB4Muk003219: savemail panic
Apr 29 12:04:22 server1 sendmail[3219]: [ID 801593 mail.crit] n3TB4Muk003219: SYSERR(root): savemail: cannot save rejected email anywhereNow this errormessage is normal if alias resolution does not work. An errormessage would be generated which is sent by the user MAILER-DEAMON. In sendmail default config MAILER-DEAMON is an alias for postmaster which is again an alias for root. But if teher is no aliases there is no "account" MAILER-DEAMON. This errormessage will most likely disapear as soon as you resolved the alias issue.
So much for the errormessages. Unfortunately you are not very specific on your environment. I try to guess what I have understood and try to formulate queries which might help you to find the problem.
- There is a host A running solaris 10 and an Sun Directory Server 6.3.1
-- On what port is the server listening and what information can you get at its current configuration with an anonymous bind (eg. ldapsearch without username or password)
-- You have setup a suffix on this server and created an ou=aliases
-- Have you inserted the standard aliases (such as MAILER-DEAMON or postmaster)?
- There is a host B which is the mailhost.
-- B i trying to connect to localhost (so host B not A) to get informations from an LDAP. Is LDAP running on localhost yes or no? You are not clear on this topic.
-- what did you (or anyone else) do to get the server to obtain aliases from an LDAP (this is not standard config - You need to modify settings to do this)
-- it is definitely a good idea to define a global bunch of settings in confLDAP_DEFAULT_SPEC (especially the options -d -P -b -h should be set in your case most likely)
If these hints do not solve your problems I definitely recommend posting in an sendmail forum and read the sendmail documentation (eg. https://www.sendmail.org/doc/sendmail-current/cf/README). As far as I know LDAP in sendmail is pretty new in std sendmail and you have to expect that documentation on this topic is still poor.
Regards
Martin

Similar Messages

  • Sun java DIRECTORY SERVER 6.0 WITH SUN OPENSSO 8

    Hi all,
    I have install the sun java directory server 6.0.
    Now I have install the sun openssl ( I could had installed the sun java access manager but i wanna use the sun opensso 8 for SSO).
    when created the directory i.e. by using command from directory preparation tool, the directory server stop starting.
    It do not start and is asking me the error as follows,
    bash-3.00# /var/opt/SUNWdsee/dsins1/start-slapd
    [20/Feb/2009:14:44:30 +0500] - ERROR<4131> - Bootstrap config - conn=-1 op=-1 msgId=-1 - System error The entry cn=schema in file /var/opt/SUNWdsee/dsins1/config/schema/99user.ldif is invalid (error 20: Type or value exists) - attribute type sunIdentityServerDiscoEntries: Does not match the OID "1.3.6.1.4.1.42.2.27.9.1.821". Another attribute type is already using the name or OID..
    [20/Feb/2009:14:44:30 +0500] - ERROR<4129> - Bootstrap config - conn=-1 op=-1 msgId=-1 - Configuration error Please edit the configuration file to correct the reported problems and then restart the server. Server exiting.
    Server not running!! Failed to start ns-slapd process.
    Note: while preparing the directory (sun java directory preparation tool) I mentioned the schema 2 i.e. ACCESS MANAGER, because sun opensso 8 is the latest version for Sun java access manager ?
    Any help??????????????
    Regards
    Adeel

    Looks like the attribute sunIdentityServerDiscoEntries is defined twice in the schema. Run the following and see where it is defined for the second time.
    # cd /var/opt/SUNWdsee/dsins1/config/schema
    # grep -w sunIdentityServerDiscoEntries *.ldif | grep -iv objectclasses
    Edited by: etst123 on Mar 3, 2009 1:28 PM

  • Sun Java Directory Server 5.2 x86 download

    I'm trying to find a copy of the x86 version of the Sun Java Directory Server compressed archive for Solaris.  I'm trying to build out a test system for some old software, and I only have a copy of the Sparc version of ldap.  I've tried using the current DSEE version available on the Oracle e-delivery cloud, but the software is too old to work with it...it needs the 5.2 version, specifically.  Is anyone aware of where I can find a copy?
    Thanks for any assistance.      

    Nope
    This is part of the Oracle Lifetime Support policy:
    http://www.oracle.com/us/support/lifetime-support/index.html
    'OLD' products can/may still be supported under *SPECIAL* support contracts. So if you're entitled to its support, you can access it. Otherwise, I'm afraid the answer is no.
    HTH,
    Marco

  • Synchronization between AD and Sun Java Directory Server

    I would like to build an environment as below, kindly let me know whether it is possible or not.
    My Enterprise Directory is Active Directory and i have Policy Server which directs the sso users to get authenticated with that server. I would like to synchronize the user data from Active Directory to Sun Java Directory Server (existing version is 5.2 Service Pack 4) including the passwords and i would like to know with which hashing algorithm these passwords are stored in the sun directory server. Because i want to synchronize the same attributes from sun java directory server to Oracle Internet Directory and is it possible to get my sso users to get authenticated at OID even?
    Kindly let me know whether this approach is feasible or not?
    Any suggestion to this approach is greatly appreciated...
    Thanks in advance...
    Regards,
    Kishore Repakula.

    i would like to know with which hashing algorithm these
    passwords are stored in the sun directory server.Like most other directory servers, SunDS offers a few choices here.
    The most secure is SSHA, which you'd probably want to use unless you have apps with dependencies on other hashes (e.g., CRYPT for backward compatibility with UNIX password field).
    I would like to synchronize the user data from Active Directory
    to Sun Java Directory Server (existing version is 5.2
    Service Pack 4) including the passwords...Sun has a "Identity Synchronization for Windows" product which might work for you.
    http://www.sun.com/software/products/directory_srvr_ee/identity_synch/
    Unfortunately, the big trick with AD passwords is that they are stored in a proprietary one-way hash, so you can't just sync them directly over to another directory. Likewise, you can't import password hashes from other sources into AD and expect them to work.

  • RSA Certificate Manager with Sun Java Directory Server

    Has anyone integrated Sun Java Directory Server with RSA Certificate Manager

    we have the Key Managment System in our DSEE 6.3 through a proxy. We had to enable some OIDs for it to work.

  • Importing LTPA key in Sun Java Directory Server

    hi all,
    is it possible to import a LTPA token into Sun Java Directory Server?
    havent found any helpful docs on the net regarding the same.
    We want the users to get authentication from a Sun Directory when he login from a Domino HTTP server
    thanks
    Prasad

    Sun Directory Server is a generic purpose LDAP based directory server and can certainly contain any data, including LTPA tokens.
    Whether these tokens could be used for authentication using LDAP is another story (and the answer is probably no).
    Regards,
    Ludovic.

  • Radius server for Sun Java directory Server?

    I want to know what products does offer Sun for provide a radius server using the Sun Java Directory Server..
    I have only seen Sun Access Manager, but it is a complex/expensive product for use only the radius server
    Regards

    Nope
    This is part of the Oracle Lifetime Support policy:
    http://www.oracle.com/us/support/lifetime-support/index.html
    'OLD' products can/may still be supported under *SPECIAL* support contracts. So if you're entitled to its support, you can access it. Otherwise, I'm afraid the answer is no.
    HTH,
    Marco

  • Sun java directory server and Active Directory

    We are using two different directory servers Sun java directory server and active directory.
    My question is how we can have password synchronization between these two directory servers.
    I have checked Sun Java[TM] System Identity Synchronization for Windows 1 2004Q3
    http://www.sun.com/download/products.xml?id=41537425
    It seems that it's supported platforms is only for solaris and windows , but I have installed my Sun java directory server on linux and obviously it doesn't work for me.
    I would be grateful if anyone can suggest a solution to work around this situation.
    I have checked identity manager , I would like to know that if I can do this using this product.
    http://www.sun.com/software/products/identity_mgr/specs.jsp
    --regards.
    Sara

    Yes RHEL 4 is a supported OS with DSEE 6.0.
    Identity Synchronization for Windows is a part of DSEE that allows synchronization of users, passwords and groups between Sun Directory Server and Active Directory bi-directionally without altering the users environments, ie it does not require that users change their current habits.
    Identity Manager is a complete identity management solution that is targetting enterprise work flow when it comes to user provisioning and de-provisioning, but also allows to build authentication and password change forms that will provision the passwords to many different systems including Sun Directory Server and Active Directory but also IBM mainframes, legacy applications, databases...
    If you are implementing a complete identity management solution, then go with Identity Manager. If you need a lightweight and fast solution for just synchronizing users and passwords between Sun DS and MS AD, Identity Synchronization for Windows should be your choice.
    Regards,
    Ludovic.

  • Sun Java Directory Server Linux RHEL 5 Installation

    Hello,
    As Linux RHEL ES/AS 5 is not officially listed in the operating system requirements.
    Has somebody been succesful in the installation ?
    - With which Linux RHEL 5 update.
    - Are the package depencies the same (compat-C/C++ libraries)
    - Which Edition of Sun Java Directory Server (5.2Q6, 6.0, 6.3) and which packages (Native/ZIP)
    Tips would be useful as I have been successful in Linux RHEL 4 update 4 with Sun Java Directory Server 5.x
    in the past but customer requirements have changed and I did not find any Information and do not have testing Time.
    Thanks,
    Fab

    I just installed a consumer replica on CentOS (same thing as RHEL) 5.2 . It's working fine. Here's my kickstart file so that you can see what packages I installed:
    # Kickstart file automatically generated by anaconda.
    install
    cdrom
    lang en_US.UTF-8
    keyboard us
    xconfig --startxonboot
    network --device eth0 --bootproto dhcp
    rootpw --iscrypted <removed>
    firewall --disabled
    authconfig --enableshadow --enablemd5
    selinux --disabled
    timezone --utc America/Chicago
    bootloader --location=mbr --driveorder=sda --append="rhgb quiet"
    # The following is the partition information you requested
    # Note that any partitions you deleted are not expressed
    # here so unless you clear all partitions first, this is
    # not guaranteed to work
    clearpart --linux
    part /boot --fstype ext3 --size=128 --asprimary
    part swap --size=1024 --asprimary
    part pv.100000 --size=100 --grow
    volgroup vgmain --pesize=32768 pv.100000
    logvol /var --fstype ext3 --name=varlv --vgname=vgmain --size=512
    logvol /var/log --fstype ext3 --name=varloglv --vgname=vgmain --size=512
    logvol /usr --fstype ext3 --name=usrlv --vgname=vgmain --size=3072
    logvol /usr/local --fstype ext3 --name=usrlocallv --vgname=vgmain --size=4096
    logvol / --fstype ext3 --name=rootlv --vgname=vgmain --size=512
    logvol /home --fstype ext3 --name=homelv --vgname=vgmain --size=1024
    logvol /tmp --fstype ext3 --name=tmplv --vgname=vgmain --size=512
    %packages
    @development-libs
    @editors
    @system-tools
    @text-internet
    @legacy-network-server
    @gnome-desktop
    @core
    @base
    @legacy-software-development
    @base-x
    @web-server
    @smb-server
    @server-cfg
    @admin-tools
    @development-tools
    @graphical-internet
    audit
    net-snmp-utils
    lynx
    kexec-tools
    device-mapper-multipath
    xorg-x11-server-Xnest
    xorg-x11-server-Xvfb
    system-config-boot
    imake
    -bluez-hcidump
    -bluez-gnome
    -slrn
    -gnome-user-docs
    -gnome-themes
    -gedit
    -gnome-power-manager
    -gnome-backgrounds
    -gok
    -gnome-audio
    -esc
    -gnome-user-share
    -gimp-print-utils
    -desktop-printing
    -file-roller
    -gnome-screensaver
    -gnome-pilot
    -krb5-workstation
    -ipsec-tools
    -sysreport
    -irda-utils
    -bluez-utils
    -synaptics
    -krb5-auth-dialog
    -linuxwacom
    -system-config-nfs
    -evolution
    -nspluginwrapper
    -gnome-themes
    -evolution-webcal
    -ekiga
    -evolution-connectorI installed DSEE 6.3 from the ZIP distribution.

  • Sun Java Directory Server 6.3 supports nCipher HSM?

    Hi,
    We want to do the replication in Master - Master configuration on SSL. Does anyone has an idea whether it is possible to store the SSL Certificate Keys used for replication in nCipher netHSM.
    If yes, can anyone provide us the URL on how can it be done or how to go about it?
    Thanks and Regards

    Hi,
    Thanks for the reply. The URL that you mentioned has "Sun Java System Web Server" integration with nCipher HSM.
    We have a requirement where we want to do replication between two "Sun Java Directory Servers" on SSL and the keys used are in HSM. We are not using Web Servers in our setup.
    If you have any info on integration with Directory Servers, it would be of great help.
    Thanks and Regards.

  • Error in installing sun java directory server

    dear ,
    i am trying to install sun java directiry server from sun java enterprise server using command line ( ./installer ), but this error reported to me when i issue the installer command .
    # ./installer
    Error occurred during initialization of VM java/lang/NoClassDefFoundError: java/lang/Object
    Error occurred during initialization of VM
    java/lang/NoClassDefFoundError: java/lang/Object
    Thanks in Advance,
    Basem

    Sorry for the delay in response.
    It could be a patch issue. Have you read http://docs.sun.com/app/docs/doc/820-2210/gduwe?a=view
    Have you checked if the problem exists in Web Server 7.0 update 3 as well?
    Can you send more details like :
    isainfo -v
    file /home/sjws7.0/lib/libadminsecurity.so
    ldd /home/sjws7.0/lib/libadminsecurity.so

  • Integrating Sun Java Directory Server with Sun Java Application Server 7

    Hi,
    My basic goal is to implement Single Sign On within the network i,e if the user is inside the company's network and tries to access any application, then he should not be required for Username/password again becuase he is in the network.
    My question is Is this possible with Sun Java System DIrectory server. If yes how can we integrate Directory Server with Sun Java System Application Server 7 2004Q2.
    Please help.
    Thanks

    Directory Server in itself doesn't provide any kind of SSO functions. Basically it is a high performing data repository accessible via LDAP and DSML. It is, however, a key component used by SSO applications like Access Manager. If your applications are web applications then take a look at Access Manager for your SSO needs.
    Regards,
    Scott

  • Looking for infos about error code in Sun Java Directory Server 6.3.1.1.1

    Hi,
    I'm using Sun-Java(tm)-System-Directory/6.3.1.1.1 on Solaris 9 with two server configured in multi-master replication
    For a few time I receive those warning in the error logfile :
    [14/May/2012:06:18:40 +0200] - WARNING<5384> - Entry - conn=-1 op=-1 msgId=-1 - Entry error Convert LDIF entry into LDAP entry, fast method. Error: non-contiguous deleted attribute type for "myPasswordRetryCount"in entry dn="uid=nabcdycn, ou=People, dc=example,dc=com"
    [14/May/2012:06:18:40 +0200] - WARNING<5384> - Entry - conn=-1 op=-1 msgId=-1 - Entry error Convert LDIF entry into LDAP entry, fast method. Error: non-contiguous deleted attribute type for "myPasswordRetryCount"in entry dn="uid=nabcdycn, ou=People, dc=example,dc=com"
    [14/May/2012:06:19:11 +0200] - WARNING<5384> - Entry - conn=-1 op=-1 msgId=-1 - Entry error Convert LDIF entry into LDAP entry, fast method. Error: non-contiguous deleted attribute type for "myPasswordRetryCount"in entry dn="uid=nefghzer, ou=People, dc=example,dc=com"
    [14/May/2012:06:19:11 +0200] - WARNING<5384> - Entry - conn=-1 op=-1 msgId=-1 - Entry error Convert LDIF entry into LDAP entry, fast method. Error: non-contiguous deleted attribute type for "myPasswordRetryCount"in entry dn="uid=nefghzer, ou=People, dc=example,dc=com"
    [14/May/2012:06:20:44 +0200] - WARNING<5384> - Entry - conn=-1 op=-1 msgId=-1 - Entry error Convert LDIF entry into LDAP entry, fast method. Error: non-contiguous deleted attribute type for "myPasswordRetryCount"in entry dn="uid=nijklkkh, ou=People, dc=example,dc=com"
    [14/May/2012:06:20:44 +0200] - WARNING<5384> - Entry - conn=-1 op=-1 msgId=-1 - Entry error Convert LDIF entry into LDAP entry, fast method. Error: non-contiguous deleted attribute type for "myPasswordRetryCount"in entry dn="uid=nijklkkh, ou=People, dc=example,dc=com"
    and I would like to know what's going up and what I should do, so in case somebody have some infos about it, I would be very interrested.
    I'm trying to find a way of veryfing fragmentation of the backend, but not sure about this.
    TIA

    Looks like the attribute sunIdentityServerDiscoEntries is defined twice in the schema. Run the following and see where it is defined for the second time.
    # cd /var/opt/SUNWdsee/dsins1/config/schema
    # grep -w sunIdentityServerDiscoEntries *.ldif | grep -iv objectclasses
    Edited by: etst123 on Mar 3, 2009 1:28 PM

  • SingleSign on with Sun Java Directory Server

    Hi,
    I wanted to know if there is any way to integrate the sun java server for the Single sign on of the App Server 10g(10.1.3.1.0).
    Any help is appreciated..

    Hi,
    What exactly do you want? If you want SSO for your oc4j containers see see: [http://download-west.oracle.com/docs/cd/B32110_01/web.1013/b28957/javasso.htm#BABDCCGB]
    If you want authentication and authorisation against Sun LDAP you need to configure the separate components of soa suite to use your sun ldap. See [http://download.oracle.com/docs/cd/B31017_01/integrate.1013/b28982/service_config.htm#BABHBEGH] on how to configure e.g. bpel.
    Kind regards,
    Andre

  • NsUniqueId in sun java directory server 6.3 EE

    Hello
    in the Directory server each user has a nsUniqueId what is the utility of such field? can be used as unique identifier by external applications? how does the directory server handles this ID? is it possible to be reused eg: creation of an user that was previously deleted. will the same ID taken for the user or will be a new one be created?
    is it recommended to use the feature? to identify an user or are there better alternatives?
    if you have any documentation i can read over the subject i will be greatly greateful.
    thank you in advance for your help

    The nsuniqueID attribute is an operational attribute that the directory uses to work with an entry through various changes. i.e. if a dn has a persons lastname and they marry... then their dn will possibly change right. So the nsuniqueID something that DS manages...but you need to be careful. You can export and import with this attribute and the value will remain the same... but... if at any point in time the directory tree changes then the nsuniqueID value will change.
    This posses a big problem if you have applications that depend on that attribute. A good way that I have seen work is that a company will create a globally unique identifier. This value is then placed within an entry and is always associated ONLY with that entry. It allows applications to depend on it while not putting constraints on possible future directory tree changes.
    Hope this helps --

Maybe you are looking for

  • JAva ME SDK 3.0 Fatal Error : 123

    Hi, i have a very strange error when running my midlet inside the emulator of SDK 3.0 This midlet runs fine under SDK 2.5, and under Nokia emulator but in SDK 3.0 I have an almost silent crash of the emulator. The only message the console is giving m

  • Sales returns process issue

    Hello Experts, There is the below scenario from the user, what is to be done in the below case for returns. which documents were unnecessarily created? which documents are to be cancelled. Please advise 1. Customer 100 Nos with invoice # 1 2. Custome

  • Strange Essbase Issue - Calculation doesnot yield proper result in MaxL

    Hi, All the Essbase veterans, need your help to look into this strange issue. We are running Essbase on UNIX and we have a BSO application where a daily batch process runs to aggregate the database for Actual and Budget scenario. Strange things is, t

  • Intel driver error

    Morning, First sorry for my english.  My laptop is HP ProBook 4730s. Yesterday I reinstall my WIN7 (Windows 7 Ultimate x64). I try to intall the drivers, but when I install the VGA it write an error "This computer does not meet the minimum requiremen

  • Need help on af:query, accessing bind variable.

    Hi All, Im working on Jdev 11.3. I need some help on af:Query UI component. I have a View Criteria defined on my VO and I am using this as <af:Query> in my .jsff. My View Criteria has 2 Bind Variables (Emp. Id, Emp Division). Emp Division is an LOV o