You use this client to populate your LDAP Server for LDAP. You must perform this task before you populate the LDAP Server.
You can create the client temporarily on the Trusted Extensions Directory Server, then remove the client on the server, or you can create an independent client.
Before You Begin
You are in the root role in the global zone.
You can use the Trusted Extensions LDAP Server, or add Trusted Extensions to a separate system. For instructions, see Adding the Trusted Extensions Feature to Oracle Solaris.
# svccfg -s name-service/switch listprop config config application config/value_authorization astring solaris.smf.value.name-service.switch config/default astring "files ldap" config/host astring "files dns" config/netgroup astring ldap config/printer astring "user files ldap"
# svccfg -s name-service/switch setprop config/host = astring: "files ldap dns"
In this example, the LDAP client is in the example-domain.com domain. The server's IP address is 192.0.2.5.
# ldapclient init -a domainName=example-domain.com -a profileName=default \ > -a proxyDN=cn=proxyagent,ou=profile,dc=example-domain,dc=com \ > -a proxyDN=cn=proxyPassword={NS1}ecc423aad0 192.0.2.5 System successfully configured
# ldapclient -v mod -a enableShadowUpdate=TRUE \ > -a adminDN=cn=admin,ou=profile,dc=example-domain,dc=com System successfully configured
For information about the enableShadowUpdate parameter, see Enabling Shadow Data Updates in Working With Oracle Solaris 11.3 Directory and Naming Services: LDAP and the ldapclient(1M) man page.