I am trying to connect to a DS5.2 patch 2 on a Solaris 8 server but receive the simple bind failed invalid credentials error message. This is a strange message in that as I monitor the progress of the bind and authorization attempts via snoop and truss, I see all kinds of interaction between the DS server and the client.
I have patched both the client and server as current as possible to include 108993-36.
I've added the following to the ns_ldap_service_auth_method:
ns_ldap_auth = simple and ns_ldap_credential_level = proxy
I haven't created any tls credential yet (could this be what the error message is referring to?)
When I run the login command, I am prompted for a password followed by another prompt for the LDAP password. After entering the LDAP password, login recycles and prompts me for a userid.
another thing: from the output of the ldap_cachmgr -g command includes the following lines:
server = none, status ERROR
error message: can't connect to the LDAP server
it lists the correct server ip adress, and status: up
but again, if I look at the access log on the server, I see all kinds of interaction, including the login information and correct passwords of both the proxyagent and user I am trying to login as.
As far as pam.conf, I have it configured as per page 268 of the Solaris 9 Naming administration guide for PAM_LDAP: (I used this as I am configuring for DS 5.2 and all other versions of Solaris documentation refers to 5.1)