Go to main content

Trusted Extensions Configuration and Administration

Exit Print View

» ...Documentation Home » Oracle Solaris 11.4 Information Library » Trusted Extensions Configuration and ... » Initial Configuration of Trusted Extensions » Configuring LDAP for Trusted Extensions » Creating a Trusted Extensions LDAP Client » Create an LDAP Client to Populate the LDAP Server

Updated: November 2020

Trusted Extensions Configuration and Administration

Document Information

Using This Documentation

Part I Initial Configuration of Trusted Extensions

Chapter 1 Security Planning for Trusted Extensions

What's New in Trusted Extensions in Oracle Solaris 11.4

Planning for Security in Trusted Extensions

Results of Enabling Trusted Extensions From an Administrator's Perspective

Chapter 2 Configuration Roadmap for Trusted Extensions

Task Map: Preparing for and Enabling Trusted Extensions

Task Map: Choosing a Trusted Extensions Configuration

Task Map: Configuring Trusted Extensions With the Provided Defaults

Task Map: Configuring Trusted Extensions to Meet Your Site's Requirements

Chapter 3 Adding the Trusted Extensions Feature to Oracle Solaris

Initial Setup Team Responsibilities

Resolving Security Issues Before Installing Trusted Extensions

Installing and Enabling Trusted Extensions

Chapter 4 Remote Administration in Trusted Extensions

Remote Administration in Trusted Extensions

Methods for Administering Remote Systems in Trusted Extensions

Configuring and Administering Remote Systems in Trusted Extensions

Chapter 5 Configuring Trusted Extensions

Setting Up the Global Zone in Trusted Extensions

Creating Labeled Zones

Configuring the Network Interfaces in Trusted Extensions

Creating Roles and Users in Trusted Extensions

Creating Centralized Home Directories in Trusted Extensions

Additional Trusted Extensions Configuration Tasks

Chapter 6 Configuring LDAP for Trusted Extensions

Using the LDAP Naming Service in Trusted Extensions

Configuring LDAP on a Trusted Extensions System

Configure a Multilevel Port for the LDAP Server

Populate the LDAP Server With Trusted Extensions Data

Configuring a Trusted Extensions LDAP Proxy Server

Creating a Trusted Extensions LDAP Client

Create an LDAP Client to Populate the LDAP Server

Make the Global Zone an LDAP Client in Trusted Extensions

Quick Reference for the LDAP Directory Service in Trusted Extensions

LDAP Packages and Documentation in Oracle Solaris

Trusted Extensions Database Schema for LDAP

Part II Administration of Trusted Extensions

Appendix A Site Security Policy for Trusted Extensions

Appendix B Configuration Checklist for Trusted Extensions

Appendix C Quick Reference to Trusted Extensions Administration

Appendix D List of Trusted Extensions Man Pages

Trusted Extensions Glossary

Language:

Create an LDAP Client to Populate the LDAP Server

Because you use this client to populate your LDAP server, you perform this task before you populate the LDAP server.

You can create the client on the LDAP server temporarily and then remove it, or you can create an independent client.

Before You Begin

You are in the root role in the global zone.

Add Trusted Extensions software to a system.
For instructions, see Adding the Trusted Extensions Feature to Oracle Solaris.

On the client, configure LDAP in the name-service/switch service.

Display the current configuration.

# svccfg -s name-service/switch listprop config
config                       application
config/value_authorization   astring       solaris.smf.value.name-service.switch
config/default               astring       "files ldap"
config/host                  astring       "files dns"
config/netgroup              astring       ldap
config/printer               astring       "user files ldap"

Change the following property from the default:

# svccfg -s name-service/switch setprop config/host = astring: "files ldap dns"

In the global zone, initialize the LDAP client.

Troubleshooting

For strategies to solve LDAP configuration problems, see Chapter 6, Troubleshooting LDAP Configurations in Working With Oracle Solaris 11.4 Directory and Naming Services: LDAP.

Copyright © 1992, 2020, Oracle and/or its affiliates.