Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) |
Part I About Naming and Directory Services
1. Naming and Directory Services (Overview)
2. The Name Service Switch (Overview)
Part II DNS Setup and Administration
3. DNS Setup and Administration (Reference)
Part III NIS Setup and Administration
4. Network Information Service (NIS) (Overview)
5. Setting Up and Configuring NIS Service
Part IV LDAP Naming Services Setup and Administration
8. Introduction to LDAP Naming Services (Overview/Reference)
9. LDAP Basic Components and Concepts (Overview)
LDAP Data Interchange Format (LDIF)
Using Fully Qualified Domain Names With LDAP
Default Directory Information Tree (DIT)
Service Search Descriptors (SSDs) and Schema Mapping
LDAP Naming Services Security Model
Transport Layer Security (TLS)
Assigning Client Credential Levels
Choosing Authentication Methods
Pluggable Authentication Methods
Account Management With pam_unix
10. Planning Requirements for LDAP Naming Services (Tasks)
11. Setting Up Sun Java System Directory Server With LDAP Clients (Tasks)
12. Setting Up LDAP Clients (Tasks)
13. LDAP Troubleshooting (Reference)
14. LDAP General Reference (Reference)
15. Transitioning From NIS to LDAP (Overview/Tasks)
16. Transitioning From NIS+ to LDAP
A. Solaris 10 Software Updates to DNS, NIS, and LDAP
To simplify Solaris client setup, and avoid having to reenter the same information for each and every client, create a single client profile on the directory server. This way, a single profile defines the configuration for all clients configured to use it. Any subsequent change to the profile attributes is propagated to the clients at a rate defined by the refresh interval.
These client profiles should be stored in a well-known location on the LDAP server. The root DN for the given domain must have an object class of nisDomainObject and a nisDomain attribute containing the client's domain. All profiles are located in the ou=profile container relative to this container. These profiles should be readable anonymously.
The following table shows the Solaris LDAP client's profile attributes, which can be set automatically when you run idsconfig. See Initializing a Client Manually and the idsconfig(1M) man page for information on how to set a client profile manually.
Table 9-2 Client Profile Attributes
|
The following table lists the client attributes that can be set locally using ldapclient. See the ldapclient(1M) man page for more information.
Starting in the Solaris 10 10/09 release, the enableShadowUpdate switch is available. For more information, see enableShadowUpdate Switch.
Table 9-3 Local Client Attributes
|
Note - If the BaseDN in an SSD contains a trailing comma, it is treated as a relative value of the defaultSearchBase. The values of the defaultSearchBase are appended to the BaseDN before a search is performed.