LDAP Setup and Configuration Guide

Add Object Class Definitions to the Configuration Directory

Prepare the Environment.
  1. Stop the directory server.

Modify the slapd.oc.conf File.
  1. Modify the ipNetwork object class so cn is no longer required, but is still a member.

    ipNetwork before the change:


    objectclass ipNetwork
        oid
             1.3.6.1.1.1.2.7
        requires
             objectClass,
             ipNetworkNumber,
             cn
        allows
             ipNetmaskNumber,
             manager,
             l,
             description

    Remove the cn line from requires and drop the trailing comma after ipNetworkNumber, which becomes the last required attribute; then add cn to the allows list. ipNetwork after the change:


    objectclass ipNetwork
        oid
             1.3.6.1.1.1.2.7
        requires
             objectClass,
             ipNetworkNumber
        allows
             cn,
             ipNetmaskNumber,
             manager,
             l,
             description
Add Object Class Definitions to the slapd.user_oc.conf File
  1. Add the NisKeyObject objectclass.


    # NIS publickey objectclass
    # NOTE(review): step 12 of this section defines nisKeyObject with the same
    # OID (1.3.6.1.1.1.2.14) and the same requires/allows lists; the two names
    # differ only in letter case. Confirm whether the server accepts both or
    # whether one of the two definitions should be dropped.
    # NOTE(review): nisSecretkey presumably holds private-key material for the
    # entry. It is declared as an ordinary string attribute, so nothing in the
    # schema protects the value; read access has to be limited by the
    # directory's access controls.
    objectclass NisKeyObject
            oid 1.3.6.1.1.1.2.14
            superior top
            requires
                    cn,
                    nisPublickey,
                    nisSecretkey
            allows
                    uidNumber,
                    description
  2. Add the nisDomainObject objectclass.


    # NIS domain objectclass
    # NOTE(review): the OID below begins 1.3.1.6, while ipNetwork and
    # nisKeyObject on this page sit under 1.3.6.1.1.1.2. This looks like a
    # transposition of 1.3.6.1.1.1.2.15; verify against the vendor schema
    # before loading the definition.
    objectclass nisDomainObject
            oid 1.3.1.6.1.1.1.2.15
            superior top
            requires
                    nisDomain
  3. Add the SolarisNamingProfile objectclass.


    # LDAP client profile objectclass
    # Required: cn, SolarisLDAPservers, SolarisSearchBaseDN. Everything under
    # "allows" is optional.
    # NOTE(review): SolarisBindDN / SolarisBindPassword allow a bind credential
    # to be stored in the profile entry itself, and SolarisBindPassword is
    # declared as a plain case-exact string (ces) in slapd.user_at.conf.
    # Anyone who can read the profile entry can read that value, so restrict
    # read access to profile entries and give the bind identity minimal
    # rights. TODO confirm how clients retrieve the profile.
    # NOTE(review): SolarisAuthMethod and SolarisTransportSecurity are optional;
    # presumably they select how clients authenticate and whether the
    # connection is protected. Confirm what a client does when a profile
    # omits them.
    # Spelling differs in case from the attribute file (SolarisLDAPservers vs
    # SolarisLDAPServers, SolarisSearchTimelimit vs SolarisSearchTimeLimit).
    # LDAP attribute names are case-insensitive, but keep them consistent.
    objectclass SolarisNamingProfile
            oid 1.3.6.1.4.1.42.2.27.5.2.7
            superior top
            requires
                    cn,
                    SolarisLDAPservers,
                    SolarisSearchBaseDN
            allows
                    SolarisBindDN,
                    SolarisBindPassword,
                    SolarisAuthMethod,
                    SolarisTransportSecurity,
                    SolarisCertificatePath,
                    SolarisDataSearchDN,
                    SolarisSearchScope,
                    SolarisSearchTimelimit,
                    SolarisPreferredServer,
                    SolarisPreferredServerOnly,
                    SolarisCacheTTL,
                    SolarisSearchReferral
  4. Add the mailGroup objectclass.


    # mailGroup objectclass
    objectclass mailGroup
            oid 2.16.840.1.113730.3.2.4
            superior top
            requires
                    mail
            allows
                    cn,
                    mgrpRFC822MailMember
  5. Add the nisMailAlias objectclass.


    # nisMailAlias objectclass
    objectClass nisMailAlias
            oid 1.3.6.1.4.1.42.2.27.1.2.5
            superior top
            requires
                    cn
            allows
                    rfc822mailMember
  6. Add the nisNetId objectclass.


    # nisNetId objectclass
    objectClass nisNetId
            oid 1.3.6.1.4.1.42.2.27.1.2.6
            superior top
            requires
                    cn
            allows
                    nisNetIdUser,
                    nisNetIdGroup,
                    nisNetIdHost
  7. Add the SolarisAuditUser objectclass.


    # User auditing objectclass
    # No required attributes: both audit attributes are optional.
    # NOTE(review): presumably these hold per-user audit flags. If so, write
    # access to them decides what is (and is not) audited for a user and
    # should be limited to administrators; confirm against the directory's
    # access controls.
    objectclass SolarisAuditUser
            oid 1.3.6.1.4.1.42.2.27.5.2.2
            superior top
            allows
                    SolarisAuditAlways,
                    SolarisAuditNever
  8. Add the SolarisUserAttr objectclass.


    # RBAC User attributes objectclass
    # No required attributes; all four listed attributes are optional.
    # NOTE(review): presumably SolarisAttrKeyValue carries a user's RBAC
    # assignments. If so, write access to entries of this class amounts to
    # granting privileges; verify that only directory administrators can
    # modify them.
    objectclass SolarisUserAttr
            oid 1.3.6.1.4.1.42.2.27.5.2.3
            superior top
            allows
                    SolarisUserQualifier,
                    SolarisAttrReserved1,
                    SolarisAttrReserved2,
                    SolarisAttrKeyValue
  9. Add the SolarisAuthAttr objectclass.


    # RBAC Authorizations Objectclass
    objectclass SolarisAuthAttr
            oid 1.3.6.1.4.1.42.2.27.5.2.4
            superior top
            requires
                    cn
            allows
                    SolarisAttrReserved1,
                    SolarisAttrReserved2,
                    SolarisAttrShortDesc,
                    SolarisAttrLongDesc,
                    SolarisAttrKeyValue
  10. Add the SolarisProfAttr objectclass.


    # RBAC Profile objectclass
    objectClass SolarisProfAttr
            oid 1.3.6.1.4.1.42.2.27.5.2.5
            superior top
            requires
                    cn
            allows
                    SolarisAttrReserved1,
                    SolarisAttrReserved2,
                    SolarisAttrLongDesc,
                    SolarisAttrKeyValue
  11. Add the SolarisExecAttr objectclass.


    # RBAC Execution objectclass
    # No required attributes; every listed attribute is optional.
    # SolarisProfileID is spelled SolarisProfileId in the attribute file.
    # LDAP attribute names are case-insensitive, but keep them consistent.
    # NOTE(review): presumably these entries describe what runs with which
    # security attributes; treat write access to them as privileged and
    # confirm the directory's access controls reflect that.
    objectClass SolarisExecAttr
            oid 1.3.6.1.4.1.42.2.27.5.2.6
            superior top
            allows
                    SolarisKernelSecurityPolicy,
                    SolarisProfileType,
                    SolarisAttrReserved1,
                    SolarisAttrReserved2,
                    SolarisProfileID,
                    SolarisAttrKeyValue
  12. Add the nisKeyObject objectclass.


    # Publickey objectclass
    # NOTE(review): this repeats step 1 (NisKeyObject): same OID
    # 1.3.6.1.1.1.2.14 and the same requires/allows lists, with names that
    # differ only in letter case. Confirm whether the server tolerates the
    # duplicate or whether only one definition should be added.
    objectClass nisKeyObject
            oid 1.3.6.1.1.1.2.14
            superior top
            requires
                    cn,
                    nisPublicKey,
                    nisSecretKey
            allows
                    uidNumber,
                    description
  13. Add the SolarisProject objectclass.


    # Project Accounting objectclass
    objectclass SolarisProject
            oid 1.3.6.1.4.1.42.2.27.5.2.1
            superior top
            requires
                    SolarisProjectID,
                    SolarisProjectName
            allows
                    memberUid,
                    memberGid,
                    description,
                    SolarisProjectAttr
Add Attribute Definitions to the slapd.user_at.conf File
  1. Add the nisMapEntry attribute.


    # Sun nisMapEntry attributes
    # NOTE(review): the step text and the comment above say nisMapEntry, but
    # the attribute defined here is nisDomain, the one attribute required by
    # the nisDomainObject objectclass.
    attribute nisDomain      1.3.6.1.1.1.1.30   cis
  2. Add the LDAP client profile attributes.


    # attributes for LDAP client profile
    # NOTE(review): SolarisBindPassword is declared "ces single", a
    # single-valued case-exact string. The schema applies no protection to the
    # stored value, so confidentiality depends entirely on who may read
    # profile entries; restrict read access accordingly.
    attribute SolarisLDAPServers     1.3.6.1.4.1.42.2.27.5.1.15   cis
    attribute SolarisSearchBaseDN    1.3.6.1.4.1.42.2.27.5.1.16   dn single
    attribute SolarisCacheTTL        1.3.6.1.4.1.42.2.27.5.1.17   cis  single
    attribute SolarisBindDN          1.3.6.1.4.1.42.2.27.5.1.18   dn single
    attribute SolarisBindPassword    1.3.6.1.4.1.42.2.27.5.1.19   ces  single
    attribute SolarisAuthMethod      1.3.6.1.4.1.42.2.27.5.1.20   cis
    attribute SolarisTransportSecurity  1.3.6.1.4.1.42.2.27.5.1.21   cis
    attribute SolarisCertificatePath 1.3.6.1.4.1.42.2.27.5.1.22   ces single
    attribute SolarisDataSearchDN    1.3.6.1.4.1.42.2.27.5.1.24   cis
    attribute SolarisSearchScope     1.3.6.1.4.1.42.2.27.5.1.25   cis single
    attribute SolarisSearchTimeLimit 1.3.6.1.4.1.42.2.27.5.1.26   int single
    attribute SolarisPreferredServer 1.3.6.1.4.1.42.2.27.5.1.27   cis
    attribute SolarisPreferredServerOnly 1.3.6.1.4.1.42.2.27.5.1.28 cis single
    attribute SolarisSearchReferral  1.3.6.1.4.1.42.2.27.5.1.29   cis single
  3. Add the mailGroup attributes.


    # Sun additional attributes to RFC2307 attributes (NIS)
    # NOTE(review): rfc822MailMember is the only attribute on this page
    # declared without an OID. Confirm the server accepts that form, or take
    # the OID from the vendor schema before loading.
    attribute mgrpRFC822MailMember   2.16.840.1.113730.3.1.30     cis
    attribute rfc822MailMember                                    ces
  4. Add the nisKeyObject attributes.


    # Sun nisKeyObject attributes
    # NOTE(review): step 8 of this section declares nisPublicKey and
    # nisSecretKey with the same OIDs; the names differ only in letter case.
    # Confirm whether both sets should really be added.
    # NOTE(review): nisSecretkey presumably stores private-key material as an
    # ordinary string (cis); limit who can read it through the directory's
    # access controls.
    attribute nisPublickey    1.3.6.1.1.1.1.28    cis
    attribute nisSecretkey    1.3.6.1.1.1.1.29    cis
  5. Add the nisNetId attributes.


    # Sun nisNetId attributes
    attribute nisNetIdUser    1.3.6.1.4.1.42.2.27.1.1.12    ces
    attribute nisNetIdGroup   1.3.6.1.4.1.42.2.27.1.1.13    ces
    attribute nisNetIdHost    1.3.6.1.4.1.42.2.27.1.1.14    ces
  6. Add the auditing attributes.


    # attributes for auditing
    attribute SolarisAuditAlways   1.3.6.1.4.1.42.2.27.5.1.5   cis single
    attribute SolarisAuditNever    1.3.6.1.4.1.42.2.27.5.1.6   cis single
  7. Add the RBAC attributes.


    # attributes for RBAC
    # NOTE(review): the SolarisKernelSecurityPolicy declaration is split over
    # two lines, while every other attribute on this page is declared on one.
    # This is presumably a page-width wrap; join the two lines unless the
    # server's parser is known to accept continuation lines.
    attribute SolarisAttrKeyValue   1.3.6.1.4.1.42.2.27.5.1.4   cis single
    attribute SolarisAttrShortDesc  1.3.6.1.4.1.42.2.27.5.1.7   cis single
    attribute SolarisAttrLongDesc   1.3.6.1.4.1.42.2.27.5.1.8   cis single
    attribute SolarisKernelSecurityPolicy  1.3.6.1.4.1.42.2.27.5.1.9
       cis single
    attribute SolarisProfileType    1.3.6.1.4.1.42.2.27.5.1.10  cis single
    attribute SolarisProfileId      1.3.6.1.4.1.42.2.27.5.1.11  ces single
    attribute SolarisUserQualifier  1.3.6.1.4.1.42.2.27.5.1.12  cis single
    attribute SolarisAttrReserved1  1.3.6.1.4.1.42.2.27.5.1.13  cis single
    attribute SolarisAttrReserved2  1.3.6.1.4.1.42.2.27.5.1.14  cis single
  8. Add the nisKeyObject attributes.


    # attributes for nisKeyObject
    # NOTE(review): these repeat step 4 (nisPublickey / nisSecretkey) with the
    # same OIDs and names differing only in letter case. Confirm whether the
    # server tolerates the duplicate declarations.
    attribute nisPublicKey    1.3.6.1.1.1.1.28    cis
    attribute nisSecretKey    1.3.6.1.1.1.1.29    cis
  9. Add the project accounting attributes.


    # attributes for Project Accounting
    attribute SolarisProjectID     1.3.6.1.4.1.42.2.27.5.1.1    int single
    attribute SolarisProjectName   1.3.6.1.4.1.42.2.27.5.1.2    ces single
    attribute SolarisProjectAttr   1.3.6.1.4.1.42.2.27.5.1.3    ces
    attribute memberGid            1.3.6.1.4.1.42.2.27.5.1.30   ces