Quick Reference for the LDAP Naming Service in Trusted Extensions - Trusted Extensions Configuration and Administration

Trusted Extensions Configuration and Administration

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Trusted Extensions Configuration and ... » Administration of Trusted Extensions » About Trusted Extensions and LDAP » Quick Reference for the LDAP Naming Service in ...

Updated: July 2014

Trusted Extensions Configuration and Administration

Document Information

Using This Documentation

Part I Initial Configuration of Trusted Extensions

Part II Administration of Trusted Extensions

Chapter 6 Trusted Extensions Administration Concepts

Trusted Extensions and the Oracle Solaris OS

Basic Concepts of Trusted Extensions

Chapter 7 Trusted Extensions Administration Tools

Administration Tools for Trusted Extensions

txzonemgr Script

Selection Manager in Trusted Extensions

Label Builder in Trusted Extensions

Command Line Tools in Trusted Extensions

Configuration Files in Trusted Extensions

Chapter 8 About Security Requirements on a Trusted Extensions System

Configurable Security Features

Security Requirements Enforcement

Rules When Changing the Level of Security for Data

Chapter 9 Common Tasks in Trusted Extensions

Getting Started as a Trusted Extensions Administrator on a Desktop System

Performing Common Tasks in Trusted Extensions

Chapter 10 About Users, Rights, and Roles in Trusted Extensions

User Security Features in Trusted Extensions

Administrator Responsibilities for Users

Decisions to Make Before Creating Users in Trusted Extensions

Default User Security Attributes in Trusted Extensions

Configurable User Attributes in Trusted Extensions

Security Attributes That Must Be Assigned to Users

Chapter 11 Managing Users, Rights, and Roles in Trusted Extensions

Customizing the User Environment for Security

Managing Users and Rights

Chapter 12 Remote Administration in Trusted Extensions

Remote Administration in Trusted Extensions

Methods for Administering Remote Systems in Trusted Extensions

Configuring and Administering Remote Systems in Trusted Extensions

Chapter 13 Managing Zones in Trusted Extensions

Zones in Trusted Extensions

Global Zone Processes and Labeled Zones

Primary and Secondary Labeled Zones

Zone Administration Utilities in Trusted Extensions

Chapter 14 Managing and Mounting Files in Trusted Extensions

Mount Possibilities in Trusted Extensions

Trusted Extensions Policies for Mounted File Systems

Results of Sharing and Mounting File Systems in Trusted Extensions

Multilevel Datasets for Relabeling Files

NFS Server and Client Configuration in Trusted Extensions

Trusted Extensions Software and NFS Protocol Versions

Backing Up, Sharing, and Mounting Labeled Files

Chapter 15 Trusted Networking

About the Trusted Network

Network Security Attributes in Trusted Extensions

Trusted Network Fallback Mechanism

About Routing in Trusted Extensions

Administration of Routing in Trusted Extensions

Administration of Labeled IPsec

Chapter 16 Managing Networks in Trusted Extensions

Labeling Hosts and Networks

Configuring Routes and Multilevel Ports

Configuring Labeled IPsec

Troubleshooting the Trusted Network

Chapter 17 About Trusted Extensions and LDAP

Using the LDAP Naming Service in Trusted Extensions

Quick Reference for the LDAP Naming Service in Trusted Extensions

Chapter 18 About Multilevel Mail in Trusted Extensions

Multilevel Mail Service

Trusted Extensions Mail Features

Chapter 19 Managing Labeled Printing

Labels, Printers, and Printing

Managing Printing in Trusted Extensions

Configuring Labeled Printing

Reducing Printing Restrictions in Trusted Extensions

Chapter 20 About Devices in Trusted Extensions

Device Protection With Trusted Extensions Software

Device Manager GUI

Enforcement of Device Security in Trusted Extensions

Devices in Trusted Extensions (Reference)

Chapter 21 Managing Devices for Trusted Extensions

Handling Devices in Trusted Extensions

Using Devices in Trusted Extensions Task Map

Managing Devices in Trusted Extensions

Customizing Device Authorizations in Trusted Extensions

Chapter 22 Trusted Extensions and Auditing

Chapter 23 Software Management in Trusted Extensions

Adding Software to Trusted Extensions

Appendix A Site Security Policy

Appendix B Configuration Checklist for Trusted Extensions

Appendix C Quick Reference to Trusted Extensions Administration

Appendix D List of Trusted Extensions Man Pages

Language:

Quick Reference for the LDAP Naming Service in Trusted Extensions

The LDAP naming service is managed in Trusted Extensions as it is managed in Oracle Solaris. The following is a sample of useful commands, and contains references to more detailed information:

For strategies to solve LDAP configuration problems, see Chapter 6, Troubleshooting LDAP, in Working With Oracle Solaris 11.2 Directory and Naming Services: LDAP .
To troubleshoot client-to-server LDAP connection problems that are affected by labels, see How to Debug a Client's Connection to the LDAP Server.
To troubleshoot other client-to-server LDAP connection problems, see Chapter 6, Troubleshooting LDAP, in Working With Oracle Solaris 11.2 Directory and Naming Services: LDAP .
To display LDAP entries from an LDAP client, type:
```
# ldaplist -l
# ldap_cachemgr -g
```
To display LDAP entries from an LDAP server, type:
```
# ldap_cachemgr -g
# idsconfig -v
```

To list the hosts that LDAP manages, type:

# ldaplist -l hosts Long listing
# ldaplist hosts One-line listing

To list information in the Directory Information Tree (DIT) on LDAP, type:

# ldaplist -l services | more
dn: cn=apocd+ipServiceProtocol=udp,ou=Services,dc=exampleco,dc=com
objectClass: ipService
objectClass: top
cn: apocd
ipServicePort: 38900
ipServiceProtocol: udp

...
# ldaplist services name
dn=cn=name+ipServiceProtocol=udp,ou=Services,dc=exampleco,dc=com

To display the status of the LDAP service on the client, type:

% svcs -xv network/ldap/client
svc:/network/ldap/client:default (LDAP client)
State: online since date
See: man -M /usr/share/man -s 1M ldap_cachemgr
See: /var/svc/log/network-ldap-client:default.log
Impact: None.

To start and stop the LDAP client, type:

# svcadm enable network/ldap/client

# svcadm disable network/ldap/client

To start and stop the LDAP server in version 6 or 7 of Oracle Directory Server Enterprise Edition software, type:
```
# dsadm start /export/home/ds/instances/your-instance
# dsadm stop /export/home/ds/instances/your-instance
```
To start and stop a proxy LDAP server in version 6 or 7 of Oracle Directory Server Enterprise Edition software, type:
```
# dpadm start /export/home/ds/instances/your-instance
# dpadm stop /export/home/ds/instances/your-instance
```

Copyright © 1992, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices