| Skip Navigation Links | |
| Exit Print View | |
|
Trusted Extensions Configuration and Administration Oracle Solaris 11.1 Information Library |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Trusted Extensions Configuration and Administration Oracle Solaris 11.1 Information Library |
Part I Initial Configuration of Trusted Extensions
1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding the Trusted Extensions Feature to Oracle Solaris (Tasks)
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
Configuring LDAP on a Trusted Extensions Network (Task Map)
Configuring an LDAP Proxy Server on a Trusted Extensions System (Task Map)
Configuring the Oracle Directory Server Enterprise Edition on a Trusted Extensions System
Collect Information for the Directory Server for LDAP
Install the Oracle Directory Server Enterprise Edition
Create an LDAP Client for the Directory Server
Configure the Logs for the Oracle Directory Server Enterprise Edition
Configure a Multilevel Port for the Oracle Directory Server Enterprise Edition
Populate the Oracle Directory Server Enterprise Edition
Creating a Trusted Extensions LDAP Client
Make the Global Zone an LDAP Client in Trusted Extensions
Part II Administration of Trusted Extensions
6. Trusted Extensions Administration Concepts
7. Trusted Extensions Administration Tools
8. Security Requirements on a Trusted Extensions System (Overview)
9. Performing Common Tasks in Trusted Extensions
10. Users, Rights, and Roles in Trusted Extensions (Overview)
11. Managing Users, Rights, and Roles in Trusted Extensions (Tasks)
12. Remote Administration in Trusted Extensions (Tasks)
13. Managing Zones in Trusted Extensions
14. Managing and Mounting Files in Trusted Extensions
15. Trusted Networking (Overview)
16. Managing Networks in Trusted Extensions (Tasks)
17. Trusted Extensions and LDAP (Overview)
18. Multilevel Mail in Trusted Extensions (Overview)
19. Managing Labeled Printing (Tasks)
20. Devices in Trusted Extensions (Overview)
21. Managing Devices for Trusted Extensions (Tasks)
22. Trusted Extensions Auditing (Overview)
23. Software Management in Trusted Extensions
Creating and Managing a Security Policy
Site Security Policy and Trusted Extensions
Computer Security Recommendations
Physical Security Recommendations
Personnel Security Recommendations
Additional Security References
B. Configuration Checklist for Trusted Extensions
Checklist for Configuring Trusted Extensions
C. Quick Reference to Trusted Extensions Administration
Administrative Interfaces in Trusted Extensions
Oracle Solaris Interfaces Extended by Trusted Extensions
Tighter Security Defaults in Trusted Extensions
Limited Options in Trusted Extensions
D. List of Trusted Extensions Man Pages
Trusted Extensions Man Pages in Alphabetical Order
Oracle Solaris Man Pages That Are Modified by Trusted Extensions
First, you need to add the Trusted Extensions databases to the existing Directory Server on an Oracle Solaris system. Second, to enable Trusted Extensions systems to access the Directory Server, you then need to configure a Trusted Extensions system to be the LDAP proxy server.
If an LDAP server already exists at your site, create a proxy server on a Trusted Extensions system.
Before You Begin
You have populated the LDAP server from a client that was modified to set the enableShadowUpdate parameter to TRUE. For the requirement, see Create an LDAP Client for the Directory Server.
In addition, you have added the databases that contain Trusted Extensions information to the LDAP server from a client where the enableShadowUpdate parameter was set to TRUE. For details, see Populate the Oracle Directory Server Enterprise Edition.
You must be in the root role in the global zone.
Note - You must run two ldapclient commands. After you run the ldapclient init command, you then run the ldapclient modify command to set the enableShadowUpdate parameter to TRUE.
The following are sample commands. The ldapclient init command defines proxy values.
# ldapclient init \ -a proxyDN=cn=proxyagent,ou=profile,dc=west,dc=example,dc=com \ -a domainName=west.example.com \ -a profileName=pit1 \ -a proxyPassword=test1234 192.168.0.1 System successfully configured
The ldapclient mod command enables shadow updating.
# ldapclient mod -a enableShadowUpdate=TRUE \ -a adminDN=cn=admin,ou=profile,dc=west,dc=example,dc=com \ -a adminPassword=admin-password System successfully configured
For details, see Chapter 12, Setting Up LDAP Clients (Tasks), in Oracle Solaris Administration: Naming and Directory Services.
# ldaplist -l database
Troubleshooting
For strategies to solve LDAP configuration problems, see Chapter 13, LDAP Troubleshooting (Reference), in Oracle Solaris Administration: Naming and Directory Services.
|