Oracle Solaris Trusted Extensions Configuration Guide

ProcedureEnable the Solaris Management Console to Accept Network Communications

By default, Solaris systems are not configured to listen on ports that present security risks. Therefore, you must explicitly configure any system that you plan to administer remotely to accept network communications. For example, to administer network databases on the LDAP server from a client, the Solaris Management Console server on the LDAP server must accept network communications.

For an illustration of the Solaris Management Console configuration requirements for a network with an LDAP server, see Client-Server Communication With the Solaris Management Console in Oracle Solaris Trusted Extensions Administrator’s Procedures.

Before You Begin

You must be superuser in the global zone on the Solaris Management Console server system. In this procedure, that system is called the remote system. Also, you must have command line access to the client system as superuser.

  1. On the remote system, enable the system to accept remote connections.

    The smc daemon is controlled by the wbem service. If the options/tcp_listen property to the wbem service is set to true, the Solaris Management Console server accepts remote connections.

    # /usr/sbin/svcprop -p options wbem
    options/tcp_listen boolean false
    # svccfg -s wbem setprop options/tcp_listen=true
  2. Refresh and restart the wbem service.

    # svcadm refresh wbem
    # svcadm restart wbem
  3. Verify that the wbem service is set to accept remote connections.

    # svcprop -p options wbem
    options/tcp_listen boolean true
  4. On the remote system and on any client that needs to access the Solaris Management Console, ensure that remote connections are enabled in the smcserver.config file.

    1. Open the smcserver.config file in the trusted editor.

      # /usr/dt/bin/trusted_edit /etc/smc/smcserver.config
    2. Set the remote.connections parameter to true.

      ## remote.connections=false
    3. Save the file and exit the trusted editor.


If you restart or enable the wbem service, you must ensure that the remote.connections parameter in the smcserver.config file remains set to true.