System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

Appendix A Solaris 10 Software Updates to DNS, NIS, and LDAP

The Solaris 10 version of the System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) includes updates to DNS BIND and pam_ldap. It also incorporates some minor changes and additions to other content, as well as corrections to several documentation errors.

Service Management Facility Changes

The DNS, NIS, and LDAP services are now managed by the Service Management Facility. Administrative actions on these services, such as enabling, disabling, or restarting, can be performed by using the svcadm command. The service's status can be queried by using the svcs command. For an overview of SMF, refer to Chapter 18, Managing Services (Overview), in System Administration Guide: Basic Administration. Also refer to the svcadm(1M) and svcs(1) man pages for more details.

Information specific to each service described in this book can be found in the following sections.

For information about NIS+ and the Service Management Facility, see System Administration Guide: Naming and Directory Services (NIS+).


BIND 8.4.2 ships in the Solaris 10 release. This version of BIND provides a complete DNS client-server solution for IPv6 networks on Solaris software. There are no changes to the DNS BIND procedures in this guide.

BIND 9 is also supported in the Solaris 10 release and installs in the /usr/sfw directory. A migration document is available in the /usr/sfw/doc/bind directory. The information and procedures in Part II, DNS Setup and Administration apply to BIND 9, except as indicated in the migration document.

pam_ldap Changes

The Solaris 10 OS release introduced several changes to pam_ldap, identified in the following list. See the pam_ldap(5) man page for more information.

It is not possible to provide a clean automated update for the changes listed above. Therefore, an upgrade to a Solaris 10 or later release will not automatically update the existing pam.conf file to reflect the pam_ldap changes. If the existing pam.conf file contains a pam_ldap configuration, you will be notified after the upgrade via the CLEANUP file. You will need to examine the pam.conf file and modify it, as needed.

See pam_passwd_auth(5), pam_authtok_get(5), pam_authtok_store(5), and pam.conf(4) man pages for more information.

Documentation Errors

Several documentation errors have been corrected in this release.