Bug ID 6533696: On a system configured to use the Network Information Service (NIS) or NIS+ naming service, if the Solaris Security Toolkit software is applied with the server-secure.driver, NIS or NIS+ fails to contact external servers. A symptom of this problem is that the ypwhich(1) command (which returns the name of the NIS or NIS+ server or map master) fails with a message similar to the following:
Domain atlas some.atlas.name.com not bound on nis-server-1.c |
The recommended Solaris Security Toolkit driver to use with the Logical Domains Manager is ldm_control-secure.driver, and NIS and NIS+ work with this recommended driver.
If you are using NIS as your naming service, you cannot use the Solaris Security Toolkit profile server-secure.driver because you might encounter Solaris OS Bug ID 6557663, IP Filter causes panic when using ipnat.conf. However, the default Solaris Security Toolkit driver, ldm_control-secure.driver, is compatible with NIS.
Log in to the system controller by using the ssh command.
Power off the system.
-> stop /SYS |
Power on the system.
-> start /SYS |
Log in to the system console.
-> start /SP/console |
Boot the system.
ok boot -s |
Edit the file /etc/shadow.
Change the root entry of the shadow file to the following:
root::6445:::::: |
Log in to the system and do one of the following:
Add file /etc/ipf/ipnat.conf.
Undo the Solaris Security Toolkit, and apply another driver.
# /opt/SUNWjass/bin/jass-execute -ui # /opt/SUNWjass/bin/jass-execute -a ldm_control-secure.driver |