System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)
Previous Next

Document Information

Preface

Part I About Naming and Directory Services

1.  Naming and Directory Services (Overview)

2.  The Name Service Switch (Overview)

Part II DNS Setup and Administration

3.  DNS Setup and Administration (Reference)

Part III NIS Setup and Administration

4.  Network Information Service (NIS) (Overview)

5.  Setting Up and Configuring NIS Service

6.  Administering NIS (Tasks)

7.  NIS Troubleshooting

Part IV LDAP Naming Services Setup and Administration

8.  Introduction to LDAP Naming Services (Overview/Reference)

9.  LDAP Basic Components and Concepts (Overview)

10.  Planning Requirements for LDAP Naming Services (Tasks)

11.  Setting Up Sun Java System Directory Server With LDAP Clients (Tasks)

12.  Setting Up LDAP Clients (Tasks)

13.  LDAP Troubleshooting (Reference)

14.  LDAP General Reference (Reference)

Blank Checklists

LDAP Upgrade Information

pam_ldap Changes

LDAP Commands

Example pam.conf File for pam_ldap

Example pam_conf file for pam_ldap Configured for Account Management

IETF Schemas for LDAP

Directory User Agent Profile (DUAProfile) Schema

Solaris Schemas

Internet Print Protocol Information for LDAP

Generic Directory Server Requirements for LDAP

Default Filters Used by LDAP Naming Services

15.  Transitioning From NIS to LDAP (Overview/Tasks)

16.  Transitioning From NIS+ to LDAP

Part V Active Directory Naming Service

17.  Setting Up Solaris Active Directory Clients

A.  Solaris 10 Software Updates to DNS, NIS, and LDAP

Service Management Facility Changes

DNS BIND

pam_ldap Changes

Documentation Errors

Glossary

Index

Generic Directory Server Requirements for LDAP

To support LDAP clients based on Solaris 9 or later Solaris versions, the server, regardless of what brand, must support the LDAP v3 protocol and compound naming and auxiliary object classes. In addition, at least one of the following controls must be supported.

  • Simple paged-mode (RFC 2696)

  • Virtual List View controls

    The server must support at least one of the following authentication methods.

    anonymous

    simple

    sasl/cram-MD5

    sasl/digest-MD5

    sasl/GSSAPI

If using pam_unix, the server must support storing passwords in UNIX crypt format.

If using TLS, the server must support SSL or TLS.

If using sasl/GSSAPI, the server must support SASL, GSSAPI, Kerberos 5 authentication. Support for GSS encryption over the wire is optional.
Previous Next