|Skip Navigation Links|
|Exit Print View|
|Trusted Extensions Configuration and Administration Oracle Solaris 11 Information Library|
First, you need to add the Trusted Extensions databases to the existing Directory Server on an Oracle Solaris system. Second, to enable Trusted Extensions systems to access the Directory Server, you then need to configure a Trusted Extensions system to be the LDAP proxy server.
If an LDAP server already exists at your site, create a proxy server on a Trusted Extensions system.
Before You Begin
You have populated the LDAP server from a client that was modified to set the enableShadowUpdate parameter to TRUE. For the requirement, see Create an LDAP Client for the Directory Server.
In addition, you have added the databases that contain Trusted Extensions information to the LDAP server from a client where the enableShadowUpdate parameter was set to TRUE. For details, see Populate the Oracle Directory Server Enterprise Edition.
You must be in the root role in the global zone.
Note - You must run two ldapclient commands. After you run the ldapclient init command, you then run the ldapclient modify command to set the enableShadowUpdate parameter to TRUE.
The following are sample commands. The ldapclient init command defines proxy values.
# ldapclient init \ -a proxyDN=cn=proxyagent,ou=profile,dc=west,dc=example,dc=com \ -a domainName=west.example.com \ -a profileName=pit1 \ -a proxyPassword=test1234 192.168.0.1 System successfully configured
The ldapclient mod command enables shadow updating.
# ldapclient mod -a enableShadowUpdate=TRUE \ -a adminDN=cn=admin,ou=profile,dc=west,dc=example,dc=com \ -a adminPassword=admin-password System successfully configured
# ldaplist -l database
For strategies to solve LDAP configuration problems, see Chapter 13, LDAP Troubleshooting (Reference), in Oracle Solaris Administration: Naming and Directory Services.