Hi,
I'm attempting to configure LDAP on v8.0.1P4. This Filer is already joined to a domain using "cifssetup," but I need to configure LDAP to read from our Active Directory for NFS purposes. Here is my LDAP config:
ldap.ADdomain na.domain.lan
ldap.base dc=na,dc=domain,dc=lan
ldap.base.group dc=na,dc=domain,dc=lan
ldap.base.netgroup
ldap.base.passwd dc=na,dc=domain,dc=lan
ldap.enable on
ldap.minimum_bind_level simple
ldap.name CN=NetAppServiceAccount,OU=CRP,OU=Administration,DC=na,DC=domain,DC=lan
ldap.nssmap.attribute.gecos name
ldap.nssmap.attribute.gidNumber gidNumber
ldap.nssmap.attribute.groupname cn
ldap.nssmap.attribute.homeDirectory homeDirectory
ldap.nssmap.attribute.loginShell loginShell
ldap.nssmap.attribute.memberNisNetgroup memberNisNetgroup
ldap.nssmap.attribute.memberUid memberUid
ldap.nssmap.attribute.netgroupname cn
ldap.nssmap.attribute.nisNetgroupTriple nisNetgroupTriple
ldap.nssmap.attribute.uid uid
ldap.nssmap.attribute.uidNumber uidNumber
ldap.nssmap.attribute.userPassword userPassword
ldap.nssmap.objectClass.nisNetgroup nisNetgroup
ldap.nssmap.objectClass.posixAccount posixAccount
ldap.nssmap.objectClass.posixGroup posixGroup
ldap.passwd ******
ldap.port 389
ldap.servers
ldap.servers.preferred
ldap.ssl.enable off
ldap.timeout 20
ldap.usermap.attribute.unixaccount sAMAccountName
ldap.usermap.attribute.windowsaccount sAMAccountName
ldap.usermap.base
ldap.usermap.enable off
I have verified using "wcc -u domainusername" that the LDAP connection is not working. I also tried to use getXXbyYY:
filer*> wcc -u jbaird
no passwd entry for jbaird
filer*> getXXbyYY getpwbyname_r jbaird
Could not get passwd entry for name = jbaird
My nsswitch.conf contains "files ldap" for passwd and for groups.
I don't see anything interesting in /etc/messages. What is the next step to debug this problem?
Thanks!