This procedure describes how to configure the Windows connector on Solaris Trusted Extensions.
For the Sun Ray Windows Connector to function properly on a Solaris Trusted Extensions server, the Windows terminal server must be made available at the desired level.
As superuser, open a shell window on the Sun Ray server.
To avoid script errors that can occur if user environment settings are carried forward, use the following command:
% su - root
Make a Windows system available to the
public
template.
Start the Solaris Management Console.
# smc &
Make the following selections under Management Tools:
Select hostname:Scope=Files, Policy=TSOL.
Select
.Choose
.Select Host.
Type the IP Address of the Windows system, for example, 10.6.100.100.
Click Add.
Click OK.
Configure port 7014 as a shared multilevel port for the uttscpd daemon.
If the Solaris Management Console is not already running, start it:
# smc &
Select hostname:Scope=Files, Policy=TSOL.
Select
.Choose
.Enable ports by clicking Add under Multilevel Ports for Shared IP Addresses.
Add 7014 as Port Number, select TCP as the Protocol, and click OK.
Restart network services.
# svcadm restart svc:/network/tnctl
Verify that this port is listed as a shared port.
# /usr/sbin/tninfo -m global
Create entries for the uttscpd daemon in each local zone.
The /etc/services
file entry for the
SRWC proxy daemon is created automatically in the global
zone at configuration time. Corresponding entries need to be
created in the local zones.
These entries can be created manually or by
loopback-mounting the global zone
/etc/services
file into the local zones
for read access.
To create this entry manually, insert the following entry in the local zone file.
uttscpd 7014/tcp # SRWC proxy daemon
Loopback mount the /etc/opt/SUNWuttsc
directory in each local zone. The following example shows
how to do this for a zone named public
# zoneadm -z public halt # zonecfg -z public zonecfg:public> add fs zonecfg:public:fs> set dir=/etc/opt/SUNWuttsc zonecfg:public:fs> set special=/etc/opt/SUNWuttsc zonecfg:public:fs> set type=lofs zonecfg:public:fs> end # zoneadm -z public boot
(Optional) For TLS peer verification to work, make sure the
CA certificates to be trusted are available under the
/etc/sfw/openssl/certs
folder in each
local zone.
Reboot the Sun Ray server.
# /usr/sbin/reboot