Configuring the Sun Directory Services Server
On the Sun Directory Services server, you must perform the following operations:
-
Add the Solaris Bandwidth Manager schema files to the Sun Directory Services schema.
-
Declare the policy agent as a replica of the subtrees containing Solaris Bandwidth Manager information.
If you modify the Solaris Bandwidth Manager configuration in the directory, you must replicate the subtree containing the configuration. You must replicate all entries.
The bind Distinguished Name (DN) to use in the replication is of the form uid=login, etc, where login is the login defined in the agent.properties file of the policy agent. The password to use in the replication is the password defined in the agent.properties file. Replication mode must be push.
-
Set a replication schedule for the replication of information between the directory and the policy agents. You can set replication to immediate, which means that whenever modifications are made to entries that are within the scope of the replica, they are automatically pushed to the appropriate policy agent. Doing so is mandatory if you are working with the RADIUS protocol.
-
Define Access Control Lists (ACLs) for Solaris Bandwidth Manager information: for remote user connections, you must give the policy agent read access to at least the policyRef attribute of the entries in the remote user subtree. To enable updates to the configuration stored in the directory from batool, you must provide write access to the policy agent on all entries and attributes in the subtree containing the Solaris Bandwidth Manager configuration.
Add the Solaris Bandwidth Manager schema files to the directory server configuration like this:
-
Copy the Solaris Bandwidth Manager schema files to the directory server. By default, the Solaris Bandwidth Manager schema files, policy.at.conf, and policy.oc.conf are located under /etc/opt/SUNWconn/ba/include.
-
Open the configuration file for Sun Directory Services, dsserv.conf, in a text editor. By default, this file is located under /etc/opt/SUNWconn/ldap/current.
-
In the main configuration section of dsserv.conf, include the schema files for Solaris Bandwidth Manager:
# - Main Configuration Section - # include /etc/opt/SUNWconn/ldap/current/dsserv.at.conf include /etc/opt/SUNWconn/ldap/current/dsserv.oc.conf include /etc/opt/SUNWconn/ldap/current/dsserv.acl.conf include /opt/SUNWconn/ba/include/policy.at.conf include /opt/SUNWconn/ba/include/policy.oc.conf
This include statement must contain the absolute path to the Solaris Bandwidth Manager schema files on the directory server.
-
Restart the directory server daemon, dsservd, to reload the directory configuration. This task is described in the Sun Directory Services 3.1 Administration Guide. The Schema section of the Directory Services Admin Console now lists the Solaris Bandwidth Manager object classes and attributes.
These tasks are described in detail in the Sun Directory Services 3.1 Collection.
- © 2010, Oracle Corporation and/or its affiliates