Oracle Solaris Trusted Extensions Configuration Guide

Procedure: Edit the LDAP Toolbox in the Solaris Management Console

Before You Begin

You must be superuser on the LDAP server. The LDAP credentials must be registered with the Solaris Management Console, and you must know the output of the /usr/sadm/bin/dtsetup scopes command. For details, see Register LDAP Credentials With the Solaris Management Console.

  1. Find the LDAP toolbox.

    # cd /var/sadm/smc/toolboxes/tsol_ldap
    # ls *tbx
    tsol_ldap.tbx

  2. Provide the LDAP server name.

    1. Open the trusted editor.

    2. Copy and paste the full pathname of the tsol_ldap.tbx toolbox as the argument to the editor.

      For example, the following path is the default location of the LDAP toolbox:

      /var/sadm/smc/toolboxes/tsol_ldap/tsol_ldap.tbx

    3. Replace the scope information.

      Replace the server tags between the <Scope> and </Scope> tags with the ldap:/...... line from the output of the /usr/sadm/bin/dtsetup scopes command.

      <Scope>ldap:/<ldap-server-name>/<dc=domain,dc=suffix></Scope>

    4. Replace every instance of <?server?> or <?server ?> with the LDAP server.


      <Name>This Computer (ldap-server-name: Scope=ldap, Policy=TSOL)</Name>
      services and configuration of ldap-server-name.</Description>
      and configuring ldap-server-name.</Description>
      ...

    5. Save the file, and exit the editor.

  3. Refresh and restart the wbem service.

    # svcadm refresh wbem
    # svcadm restart wbem

Example 5–2 Configuring the LDAP Toolbox

In this example, the name of the LDAP server is LDAP1. To configure the toolbox, the administrator replaces the instances of <?server ?> with LDAP1.


    # cd /var/sadm/smc/toolboxes/tsol_ldap
    # /usr/dt/bin/trusted_edit /var/sadm/smc/toolboxes/tsol_ldap/tsol_ldap.tbx
    <Scope>ldap:/LDAP1/dc=LDAP1,dc=example-domain,dc=com</Scope>
    ...
    <Name>This Computer (LDAP1: Scope=ldap, Policy=TSOL)</Name>
    services and configuration of LDAP1.</Description>
    and configuring LDAP1.</Description>
    ...
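
A read-only check to run after saving the toolbox and before refreshing wbem, given here as an added example that is not part of the Oracle guide. It confirms that no <?server?> or <?server ?> placeholder survives and that the <Scope> element is well formed and equals the ldap:/ line from dtsetup scopes. The function name check_toolbox is hypothetical; the script never writes the file, so edits still go through the trusted editor.

```sh
#!/bin/sh
# Added example: post-edit sanity check for the LDAP toolbox.
# check_toolbox is a hypothetical helper name, not a Solaris command.
# usage: check_toolbox <toolbox-file> <expected-scope>
#   expected-scope is the ldap:/... line printed by
#   /usr/sadm/bin/dtsetup scopes
# Backticks and plain grep (no -q, no -F) keep this usable in older Bourne shells.
check_toolbox() {
    tbx=$1
    want=$2
    rc=0

    if [ ! -r "$tbx" ]; then
        echo "cannot read $tbx" >&2
        return 2
    fi

    # A surviving <?server?> or <?server ?> placeholder means the
    # server-name replacement step is incomplete.
    left=`grep -c '<?server *?>' "$tbx" || true`
    if [ "$left" -ne 0 ]; then
        echo "$left line(s) still contain a <?server?> placeholder:" >&2
        grep -n '<?server *?>' "$tbx" >&2
        rc=1
    fi

    # Extract the text between <Scope> and </Scope>. A missing or
    # unterminated closing tag yields nothing and is reported.
    got=`sed -n 's/.*<Scope>\(.*\)<\/Scope>.*/\1/p' "$tbx"`
    if [ -z "$got" ]; then
        echo "no well-formed <Scope>...</Scope> element found" >&2
        rc=1
    elif [ "$got" != "$want" ]; then
        echo "Scope is '$got', expected '$want'" >&2
        rc=1
    fi

    return $rc
}

# When called with two arguments, check the named file directly.
if [ $# -eq 2 ]; then
    check_toolbox "$1" "$2"
fi
```

A return value of 0 means the file passed both checks, 1 means a placeholder or scope problem was reported on stderr, and 2 means the file could not be read.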