Working With Naming and Directory Services in Oracle Solaris 11.1 (Oracle Solaris 11.1 Information Library)
The LDAP client service is managed by using the Service Management Facility. For an overview of SMF, refer to Chapter 2, Managing Services (Overview), in Managing Services and Faults in Oracle Solaris 11.1. Also refer to the svcadm(1M) and svcs(1) man pages for more details.
The following list provides a short overview of some of the important information needed to use the SMF service to administer the LDAP client service.
Administrative actions on the LDAP client service, such as enabling, disabling, or restarting, can be performed by using the svcadm command.
Tip - Temporarily disabling a service by using the -t option provides some protection for the service configuration. If the service is disabled with the -t option, the original settings are restored for the service after a reboot. If the service is disabled without -t, the service remains disabled after a reboot.
The Fault Management Resource Identifier (FMRI) for the LDAP client service is svc:/network/ldap/client.
During the configuration process, the network/nis/domain service will also be enabled to supply the domain name that is used by the network/ldap/client service.
You can query the status of the LDAP client and the ldap_cachemgr daemon by using the svcs command.
The following are examples of the svcs command and its output:
# svcs \*ldap\*
STATE          STIME    FMRI
online         15:43:46 svc:/network/ldap/client:default
The following is an example of the svcs -l command and its output. To get the output shown below, you must use the instance name in the FMRI.
# svcs -l network/ldap/client:default
fmri         svc:/network/ldap/client:default
name         LDAP Name Service Client
enabled      true
state        online
next_state   none
restarter    svc:/system/svc/restarter:default
manifest     /lib/svc/manifest/network/ldap/client.xml
manifest     /lib/svc/manifest/network/network-location.xml
manifest     /lib/svc/manifest/system/name-service/upgrade.xml
manifest     /lib/svc/manifest/milestone/config.xml
dependency   require_all/none svc:/system/filesystem/minimal (online)
dependency   require_all/none svc:/network/initial (online)
dependency   optional_all/none svc:/network/location:default (online)
dependency   require_all/restart svc:/network/nis/domain (online)
dependency   optional_all/none svc:/system/name-service/upgrade (online)
dependency   optional_all/none svc:/milestone/config (online)
dependency   optional_all/none svc:/system/manifest-import (online)
dependency   require_all/none svc:/milestone/unconfig (online)
You can check for a daemon's presence by using the following commands:
On a server, use the ptree command:
# ptree `pgrep slapd`
6410  zsched
  11565 /export/dsee/dsee6/ds6/lib/64/ns-slapd -D /export/dsee/test1 -i /export
On a client, use the following command:
# ldapsearch -h server-name -b "" -s base "objectclass=*" |grep -i context
namingContexts: dc=example,dc=com
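The svcs -l output shown above can be checked mechanically, including the temporary-disable case described in the Tip and the network/nis/domain dependency. The following shell function is an added example, not part of the Oracle documentation; the function names, the FINDING line format, and the sample input are constructed, and it assumes that svcs -l marks a change made with -t as "(temporary)".

```shell
#!/bin/sh
# Added example (not from the Oracle documentation).
# audit_ldap_client reads `svcs -l network/ldap/client:default` output on
# stdin, prints one FINDING line per problem, and returns 1 if any were found.
audit_ldap_client() {
    awk '
        function report(msg) { print "FINDING: " msg; bad = 1 }
        $1 == "enabled" {
            if ($2 != "true") report("service is not enabled")
            # Assumption: svcs -l marks a -t change with "(temporary)".
            if ($3 == "(temporary)")
                report("enabled=" $2 " is temporary; reverts at reboot")
        }
        $1 == "state" && $2 != "online" { report("state is " $2) }
        $1 == "dependency" {
            split($2, kind, "/")            # e.g. require_all/restart
            for (i = 3; i < NF; i += 2) {   # pairs: FMRI (state)
                status = $(i + 1); gsub(/[()]/, "", status)
                if ($i == "svc:/network/nis/domain") seen_domain = 1
                if (kind[1] == "require_all" && status != "online")
                    report("required dependency " $i " is " status)
            }
        }
        END {
            if (!seen_domain) report("network/nis/domain dependency not listed")
            exit bad + 0
        }
    '
}

# Constructed sample: client temporarily disabled, domain service down.
sample_degraded() {
    cat <<'EOF'
fmri         svc:/network/ldap/client:default
enabled      false (temporary)
state        disabled
next_state   none
dependency   require_all/none svc:/network/initial (online)
dependency   require_all/restart svc:/network/nis/domain (disabled)
dependency   optional_all/none svc:/network/location:default (disabled)
EOF
}

# On a Solaris host: svcs -l network/ldap/client:default | audit_ldap_client
sample_degraded | audit_ldap_client || true
```

Only require_all dependencies that are not online are reported; optional dependencies are ignored.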