Assign Templates to Remote Hosts

The clients get most of their template assignments from the name service. The local tnrhdb database must contain servers that are contacted during boot, such as the name service master (or its subnet), static routers, and any audit servers.

1. At the label ADMIN_LOW, in an administrative role, initially the root role, invoke the Solaris Management Console from the Application Manager.

2. Click this_host: Scope=Files, Policy=TSOL under Trusted Solaris Management Console in the Navigation pane.

3. Click Trusted Solaris Configuration, then Computers and Networks, then double-click Security Families.

   The remote host templates display in the View pane.

4. Double-click the tsol remote host template.

5. Choose Add Host(s) from the Action menu.

6. Click Add Host, then enter the IP address and template name (tsol) of the Trusted Solaris name service master

   See "How to Assign a Remote Host Template" if you are unsure of the steps.

7. If the client's audit records are stored on an audit server, add the audit server by choosing Action > Add Host(s), Add Host, and entering the audit servers's IP address and tsol host type.

8. Choose Add Host(s) from the Action menu, click Add Host, and enter the IP address and host type of the static router(s).

   A client with one defaultrouter and no audit server would have three entries in its tnrhdb:

   1. The client and its host type (tsol),

   2. The name service master and its host type (tsol) (or its subnet fallback IP address and tsol)

   3. The defaultrouter and its host type.

9. Open a terminal to reload and verify the updated tnrhdb database.

   # tnctl -H /etc/security/tsol/tnrhdb # tninfo -h