Use the following steps as necessary to add authorizations in the /etc/security/auth_attr file for Logical Domains Manager users. Because the superuser already has solaris.* authorization, the superuser already has permission for solaris.ldoms.* authorizations.
Create a local user account for each user who needs authorization to use the ldm(1M) subcommands.
To add Logical Domains Manager authorization for a user, a local (non-LDAP) account must be created for that user. Refer to the Solaris 10 System Administrator Collection for details.
Do one of the following depending on which ldm(1M) subcommands you want the user to be able to access.
See Table 3–1 for a list of ldm(1M) commands and their user authorizations.
Add a read-only authorization for a user using the usermod(1M) command.
# usermod -A solaris.ldoms.read username
Add a read and write authorization for a user using the usermod(1M) command.
# usermod -A solaris.ldoms.write username