System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)
|
|||
|
Part I About Naming and Directory Services 1. Naming and Directory Services (Overview) 2. The Name Service Switch (Overview) Part II DNS Setup and Administration 3. DNS Setup and Administration (Reference) Part III NIS Setup and Administration 4. Network Information Service (NIS) (Overview) 5. Setting Up and Configuring NIS Service Part IV LDAP Naming Services Setup and Administration 8. Introduction to LDAP Naming Services (Overview/Reference) 9. LDAP Basic Components and Concepts (Overview) 10. Planning Requirements for LDAP Naming Services (Tasks) 11. Setting Up Sun Java System Directory Server With LDAP Clients (Tasks) 12. Setting Up LDAP Clients (Tasks) 13. LDAP Troubleshooting (Reference) 14. LDAP General Reference (Reference) Example pam.conf File for pam_ldap Example pam_conf file for pam_ldap Configured for Account Management Directory User Agent Profile (DUAProfile) Schema Internet Print Protocol Information for LDAP Generic Directory Server Requirements for LDAP Default Filters Used by LDAP Naming Services 15. Transitioning From NIS to LDAP (Overview/Tasks) 16. Transitioning From NIS+ to LDAP Part V Active Directory Naming Service 17. Setting Up Solaris Active Directory Clients A. Solaris 10 Software Updates to DNS, NIS, and LDAP |
LDAP Upgrade InformationThis section provides information to consider when upgrading from the Solaris 8 release to a Solaris 9 or later release. CompatibilityClients configured on Solaris 9 or later Solaris software releases are fully compatible with directory servers set up to serve Solaris 8 clients, which only support version 1 profiles. However, to take advantage of newer features built into Solaris 9 and later releases, and to use the newer security model, you must use version 2 profiles. Servers can serve a mix of both old and new clients. Clients see the same results from the server as long as schema mapping is not enabled and version 2 profiles are not configured to use special filters with the serviceSearchDescriptors attribute. Obviously if the server is not using the default schema, older clients cannot use that server as Solaris 8 clients cannot arbitrarily map nondefault schema. Running the ldap_cachemgr DaemonBeginning with the Solaris 9 release, the ldap_cachemgr daemon must be running at all times. The daemon is required for the client to function properly. When you use the Service Management Facility's svcadm command to start the LDAP client, the ldap_cachemgr daemon is automatically invoked. See the ldap_cachemgr(1M) man page for more information. New automount SchemaBeginning with the Solaris 9 release, by default the Solaris software uses a new schema for automount entries. This new schema replaces the generic NIS map schema that Solaris 8 clients used. This means that if you set up a server with Solaris 9 or later software tools, Solaris 8 clients cannot see the automount entries. For sites where the server being set up is to serve both Solaris 8 and later Solaris software clients, a profile can be created to map the schema to the old one before adding automounter entries. This would ensure that ldapaddent(1M) adds the entries using the old schema. However, note that this would also mean that all clients based on Solaris 9 or later software must use a profile where the schema for automount is mapped. You need to add the following mapping attributes to your profile for this mapping to take effect. attributeMap: automount:automountMapName=nisMapName attributeMap: automount:automountKey=cn attributeMap: automount:automountInformation=nisMapEntry objectclassMap: automount:automountMap=nisMap objectclassMap: automount:automount=nisObject |
||
|