test

Sun Desktop Manager 1.0 Installation Guide

Using an Active Directory Server with the Desktop Manager

To use an Active Directory server as a repository for the Desktop Manager data, the schema of the server must be extended to feature the object classes and attributes used to store configuration data. A schema extension file named apoc-ad.ldf can be found in the /usr/share/webconsole/apoc/deploy directory.

The apoc-ad.ldf file must be imported in the Active Directory schema using the following steps:

  1. Enable schema extensions. Refer to Active Directory documentation for more information on how to perform that operation.

  2. Execute the following from the command prompt: ldifde -i -c "DC=Sun,DC=COM" <BaseDN> -f apoc-ad-registry.ldf.

    Note –

    Replace <BaseDN> with the Active Directory base DN.

Having extended the Active Directory servers schema, the rest of the configuration can be completed using the Add Configuration Repository wizard in the Desktop Manager.

When prompted for LDAP credentials in the Add Configuration Repository wizard, provide the full DN and password of a user with read rights to the tree. This can be a user that is not able to use Active Directory for any other purpose. Refer to Active Directory documentation for more information on how to setup such a user. In addition, the domain name for the Active Directory must be known to the machine that is running the Desktop Manager. You can do this by adding a line mapping the IP address of the Active Directory server with its domain name to the /etc/hosts file of that machine.

In order to retrieve the configuration data from a desktop host, the domain name of the Active Directory must also be known to that host. Authentication of the desktop user can be done in two ways: anonymously and using GSSAPI.