Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) |
Part I About Naming and Directory Services
1. Naming and Directory Services (Overview)
2. The Name Service Switch (Overview)
Part II DNS Setup and Administration
3. DNS Setup and Administration (Reference)
Part III NIS Setup and Administration
4. Network Information Service (NIS) (Overview)
5. Setting Up and Configuring NIS Service
Part IV LDAP Naming Services Setup and Administration
8. Introduction to LDAP Naming Services (Overview/Reference)
9. LDAP Basic Components and Concepts (Overview)
10. Planning Requirements for LDAP Naming Services (Tasks)
11. Setting Up Sun Java System Directory Server With LDAP Clients (Tasks)
12. Setting Up LDAP Clients (Tasks)
13. LDAP Troubleshooting (Reference)
14. LDAP General Reference (Reference)
Running the ldap_cachemgr Daemon
LDAP Tools Requiring LDAP Naming Services
Example pam.conf File for pam_ldap
Example pam_conf file for pam_ldap Configured for Account Management
RFC 2307 Network Information Service Schema
Directory User Agent Profile (DUAProfile) Schema
Role-Based Access Control and Execution Profile Schema
Internet Print Protocol Information for LDAP
Internet Print Protocol (IPP) Attributes
Internet Print Protocol (IPP) ObjectClasses
Generic Directory Server Requirements for LDAP
Default Filters Used by LDAP Naming Services
15. Transitioning From NIS to LDAP (Overview/Tasks)
16. Transitioning From NIS+ to LDAP
A. Solaris 10 Software Updates to DNS, NIS, and LDAP
The Solaris 10 OS release introduced several changes to pam_ldap, identified in the following list. Also, see the pam_ldap(5) man page for more information.
The previously supported use_first_pass and try_first_pass options are obsolete as of the Solaris 10 software release. These options are no longer needed, may safely be removed from pam.conf, and are silently ignored. They may be removed in a future release.
Password prompting must be provided for by stacking pam_authtok_get before pam_ldap in the authentication and password module stacks, and by including pam_passwd_auth in the passwd service auth stack.
The previously supported password update function is replaced in this release by the previously recommended use of pam_authtok_store with the server_policy option.
An upgrade to this release will not automatically update the existing pam.conf file to reflect the above changes. If the existing pam.conf file contains a pam_ldap configuration, you will be notified after the upgrade by the CLEANUP file. You will need to examine the pam.conf file and modify it, as needed.
It is not possible to provide a clean automatic update for the changes listed above, primarily password prompting and password update, due to the relevance of other modules used in the same stack and also due to the existence of third party modules.
See pam_passwd_auth(5), pam_authtok_get(5), pam_authtok_store(5), and pam.conf(4) man pages for more information.