How to Create a Client Profile (LDAP Setup and Configuration Guide)

LDAP Setup and Configuration Guide

How to Create a Client Profile

Use ldap_gen_profile(1M) to create a client profile.

# /usr/sbin/ldap_gen_profile \
-P myprofile \
-b dc=mkt,dc=mainstore,dc=com \
-a simple -w mypasswd \
-D cn=proxyagent,ou=profile,dc=mkt,dc=mainstore,dc=com \
100.100.100.100

The following example shows the profile generated:

dn: cn=myprofile,ou=profile,dc=mkt,dc=mainstore,dc=com
SolarisBindDN: cn=proxyagent,ou=profile,dc=mkt,dc=mainstore,dc=com
SolarisBindPassword: {NS1}xxxxxxxxxxxxxx
SolarisLDAPServers: 100.100.100.100
SolarisSearchBaseDN: dc=mkt,dc=mainstore,dc=com
SolarisAuthMethod: NS_LDAP_AUTH_SIMPLE
SolarisTransportSecurity: NS_LDAP_SEC_NONE
SolarisSearchReferral: NS_LDAP_FOLLOWREF
SolarisSearchScope: NS_LDAP_SCOPE_ONELEVEL
SolarisSearchTimeLimit: 30
SolarisCacheTTL: 43200
cn: myprofile
ObjectClass: top
ObjectClass: SolarisNamingProfile

Save the generated profile to a file (such as profile.ldif) and use ldapadd(1) to store the client profile file in the LDAP server.
# ldapadd -h ldap_server_hostname -D "cn=Directory Manager" \ -w nssecret -f profile.ldif

The ldap_cachemgr(1M) on every client machine automatically updates the content of the LDAP configuration files. This means changes need to be made only on the server and those changes automatically propagate to every client in the namespace. The periodic update is based on the TTL, time to live value specified in the profile SolarisCacheTTL.