<!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0cm; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri","sans-serif";} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} span.EmailStyle17 {mso-style-type:personal-compose; font-family:"Calibri","sans-serif"; color:windowtext;} .MsoChpDefault {mso-style-type:export-only;} @page WordSection1 {size:612.0pt 792.0pt; margin:72.0pt 72.0pt 72.0pt 72.0pt;} div.WordSection1 {page:WordSection1;} --> I’ve got some hosts using Solaris 10   cat /etc/release                       Solaris 10 10/09 s10s_u8wos_08a SPARC            Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.                         Use is subject to license terms.                            Assembled 16 September 2009   Which I’ve configured with ldapclient manual (failed miserably until I allowed anonymous binds in dse.ldif).   ldapclient manual -vv \ -a defaultSearchBase=<blah> \ -a defaultSearchScope=sub \ -a authenticationMethod=tls:simple \ -a credentialLevel=proxy \ -a proxyDN=cn=ldapsearch,cn=config \ -a proxyPassword=<blah> \ -a serviceAuthenticationMethod=pam_ldap:tls:simple \ -a domainName=<blah> \ -a certificatePath=/var/ldap \ -a serviceSearchDescriptor=group:ou=Groups,<blah> <389 server>   If I turn anonymous binds off once the client is configured, it fails to connect because the Solaris client is still insisting on making anonymous binds. I’m getting these in my access log:   [08/Mar/2012:15:04:49 +0100] conn=1 fd=64 slot=64 SSL connection from <Solaris 10> to <389 DS> [08/Mar/2012:15:04:49 +0100] conn=1 SSL 128-bit RC4 [08/Mar/2012:15:04:49 +0100] conn=1 op=0 UNPROCESSED OPERATION - Anonymous access not allowed [08/Mar/2012:15:04:49 +0100] conn=1 op=0 RESULT err=48 tag=101 nentries=0 etime=0 [08/Mar/2012:15:04:49 +0100] conn=1 op=1 UNBIND [08/Mar/2012:15:04:49 +0100] conn=1 op=1 fd=64 closed - U1   Anyone come across this before and have a solution?  I really don’t want to have to allow anonymous binds...   Brett   ------------------------------------------------------------------- GreeNRB NRB considers its environmental responsibility and goes for green IT. May we ask you to consider yours before printing this e-mail?   NRB, daring to commit This e-mail and any attachments, which may contain information that is confidential and/or protected by intellectual property rights, are intended for the exclusive use of the above-mentioned addressee(s). Any use (including reproduction, disclosure and whole or partial distribution in any form whatsoever) of their content is prohibited without prior authorization of NRB. If you have received this message by error, please contact the sender promptly by resending this e-mail back to him (her), or by calling the above number. Thank you for subsequently deleting this e-mail and any files attached thereto.