Working With Oracle® Solaris 11.3 Directory and Naming Services: LDAP

Updated: September 2018
 
 

Creating the Directory Tree Definitions

After preparing the server and client profile information, you can set up ODSEE for LDAP. Use the idsconfig command to build the directory information tree with the definitions in your checklists.

When you create the DIT using the idsconfig command, you effectively build the client profile and its attributes. For more information about client profile attributes, see LDAP Planning Overview. When developing and using client profiles, note the following:

  • Store client profiles in a well-known location on the LDAP server. All profiles are located in the ou=profile container.

  • A single profile on the server defines the configuration of all the clients that use that server. Any subsequent change to the profile attributes is propagated automatically to the clients.

  • The root DN for the given domain must have an object class of nisDomainObject and a nisDomain attribute that contains the client’s domain.

  • If the nisDomain attribute has no value, calls to gethostbyname() and getaddrinfo() do not return a fully qualified host name; the host name is returned without the domain part appended. See also Unresolved Host Name.

  • The client profiles must be readable anonymously.
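The requirements in this list can be checked against LDIF text, such as the result of an anonymous ldapsearch of the base DN. The following is an added example, not part of the Oracle documentation: the function names, the dc=example,dc=com base DN and the sample entries are assumptions constructed for illustration.

```python
# Constructed sample: LDIF as an anonymous subtree search of the base DN might return it.
SAMPLE_LDIF = """\
dn: dc=example,dc=com
objectClass: nisDomainObject
nisDomain: example.com

dn: ou=profile,dc=example,dc=com
ou: profile

dn: cn=default,ou=profile,dc=example,dc=com
objectClass: DUAConfigProfile
"""

def norm_dn(dn):  # lowercase, trim spaces around commas (escaped commas not handled)
    return ",".join(part.strip() for part in dn.lower().split(","))

def parse_ldif(text):  # returns {normalized dn: {lowercased attribute: [values]}}
    entries = {}
    text = text.replace("\r\n", "\n").replace("\n ", "")  # unfold continuation lines
    for block in text.split("\n\n"):
        dn, attrs = None, {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            value = value.lstrip(":").strip()  # base64 ("::") values are kept undecoded
            if name.lower() == "dn":
                dn = norm_dn(value)
            attrs.setdefault(name.lower(), []).append(value)
        if dn:
            entries[dn] = attrs
    return entries

def check_dit(entries, base_dn):
    """Return a list of findings; an empty list means every check passed."""
    base, findings = norm_dn(base_dn), []
    root = entries.get(base)
    if root is None:
        return [f"{base}: root entry not returned"]
    if "nisdomainobject" not in [v.lower() for v in root.get("objectclass", [])]:
        findings.append(f"{base}: objectClass nisDomainObject missing")
    if not any(root.get("nisdomain", [])):
        findings.append(f"{base}: nisDomain has no value")
    container = f"ou=profile,{base}"
    if container not in entries:
        findings.append(f"{container}: profile container not returned")
    elif not any(dn.endswith("," + container) for dn in entries):
        findings.append(f"{container}: no client profile entries returned")
    return findings
```

When the LDIF comes from an unauthenticated search, a "not returned" finding means the entry is either absent or not readable anonymously.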

You can create the directory definitions from any Oracle Solaris system on the network. However, the output of the idsconfig command includes the directory manager’s password in clear text. To avoid publishing the password, use the idsconfig command on the directory server.

For more information about the idsconfig command, see the idsconfig(1M) man page.


Note - You can create SSDs at the same time as you create the directory tree. Both operations are started by the idsconfig command. However, if preferred, you can create SSDs as a separate operation. For more information about SSDs, see Service Search Descriptors and Schema Mapping.