Go to main content

Managing Network File Systems in Oracle^® Solaris 11.3

Exit Print View

» ...Documentation Home » Oracle Solaris 11.3 Information Library » Managing Network File Systems in ... » Administering Network File Systems » Administering FedFS » How to Use a Secured Connection to the NSDB

Updated: September 2018

Managing Network File Systems in Oracle^® Solaris 11.3

Document Information

Using This Documentation

Chapter 1 About Network File Systems

Chapter 2 Network File System Features

Chapter 3 Administering Network File Systems

About Administering Network File Systems

Automatic File System Sharing

Task Map for File System Sharing

How to Set Up Automatic File System Sharing

How to Enable NFS Server Logging

Mounting File Systems

Mounting File Systems Task Map

How to Mount a File System at Boot Time

How to Mount a File System From the Command Line

Mounting With the Automounter

How to Mount All File Systems From a Server

How to Use Client-Side Failover

How to Disable Mount Access for One Client

How to Mount an NFS File System Through a Firewall

Mount an NFS File System by Using an NFS URL

Displaying Information About File Systems Available for Mounting

Setting Up the NFS Service

Starting and Stopping the NFS Service

Starting and Stopping the Automounter

Selecting Different Versions of NFS

Administering the Secure NFS System

How to Set Up a Secure NFS Environment With DH Authentication

Administering WebNFS

Planning for WebNFS Access

How to Enable WebNFS Access

Accessing an NFS URL by Using a Browser

Enabling WebNFS Access Through a Firewall

Administering NFS Referrals

How to Create and Access an NFS Referral

How to Remove an NFS Referral

Administering FedFS

Set Up a DNS Record for a FedFS Server

How to Create a Namespace Database

How to Use a Secured Connection to the NSDB

How to Create a FedFS Referral

Chapter 4 Administering Autofs

Chapter 5 Commands for Managing Network File Systems

Chapter 6 Troubleshooting Network File Systems

Chapter 7 Accessing Network File Systems

Appendix A NFS File Sharing Command Reference

Language:

How to Use a Secured Connection to the NSDB

Before You Begin

You must have an LDAP server installed. For more information, see Chapter 4, Setting Up the Oracle Directory Server Enterprise Edition With LDAP Clients in Working With Oracle Solaris 11.3 Directory and Naming Services: LDAP.

Become an administrator.
For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.

On the LDAP server, create a certificate.

You need a certificate to secure the LDAP traffic.

$ mkdir /etc/openldap/certs
$ mkdir /etc/openldap/certs/keys
$ cd /etc/openldap/certs
$ openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
  -keyout keys/ldapskey.pem -out ldapscert.pem
$ chown -R openldap:openldap /etc/openldap/certs/*
$ chmod 0400 keys/ldapskey.pem

Add declarations to the /etc/openldap/slapd.conf file.

TLSCertificateFile /etc/openldap/certs/ldapscert.pem
TLSCertificateKeyFile /etc/openldap/certs/keys/ldapskey.pem

Copy the certificate to the NFS server and clients.

$ scp ldap-server:/etc/openldap/certs/keys/ldapskey.pem \
/etc/openldap/certs/keys/ldapskey.pem
$ chmod 0400 /etc/openldap/certs/keys/ldapskey.pem

On the NFS server and clients, update the connection entry.
```
$ nsdbparams update -f ldapscert.pem -t FEDFS_SEC_TLS localhost
```
For information about options available with the nsdbparams command, see the nsdbparams(1M) man page.

Copyright © 2002, 2018, Oracle and/or its affiliates. All rights reserved.