Oracle Solaris Trusted Extensions Configuration Guide

Creating a Trusted Extensions Proxy for an Existing Sun Java System Directory Server

First, you need to add the Trusted Extensions databases to the existing Directory Server on a Solaris system. Second, to enable Trusted Extensions systems to access the Directory Server, you then need to configure a Trusted Extensions system to be the LDAP proxy server.

ProcedureCreate an LDAP Proxy Server

If an LDAP server already exists at your site, create a proxy server on a Trusted Extensions system.

Before You Begin

You have populated the LDAP server from a client that was modified to set the enableShadowUpdate parameter to TRUE. For the requirement, see Create an LDAP Client for the Directory Server.

In addition, you have added the databases that contain Trusted Extensions information to the LDAP server from a client where the enableShadowUpdate parameter was set to TRUE. For details, see Populate the Sun Java System Directory Server.

  1. On a system that is configured with Trusted Extensions, create a proxy server.


    Note –

    You must run two ldapclient commands. After you run the ldapclient init command, you then run the ldapclient modify command to set the enableShadowUpdate parameter to TRUE.


    For details, see Chapter 12, Setting Up LDAP Clients (Tasks), in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

  2. Verify that the Trusted Extensions databases can be viewed by the proxy server.


    # ldaplist -l database
    
Troubleshooting

For strategies to solve LDAP configuration problems, see Chapter 13, LDAP Troubleshooting (Reference), in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).