The Solaris 9 OE implementation requires the use of profiles and the LDAP cache manager.

The old profile type is identified as:

NS_LDAP_FILE_VERSION = 1.0

The new profile type is:

NS_LDAP_FILE_VERSION = 2.0

The profile type is determined by whether the profile contains the DUAconfigProfile object class or the SolarisNamingProfile object class. Profiles containing the former class are considered version 2.0.

New Automount Object Class#

In the Solaris 8 OE implementation, automount maps were represented by the generic nisObject object class, which contained a key and an associated value. The Solaris 9 OE implementation introduces two new object classes to hold automap information: automount and automountMap.

The Name Service Switch search criteria in nsswitch.conf for the auto_home and auto_master tables and maps are combined into one category, called automount.

Troubleshooting Solaris 10 (and Probably Solaris 9)#

Useful Commands#

  • ldaplist - searches and lists naming information from an LDAP directory using the configured profile. It performs an LDAP search against the directory based on the in-use profile. The results may not be the same as those returned by getent.

How To#

See an entry within LDAP:
 
ldaplist -l passwd abdol
dn: uid=abdol,ou=int,ou=people,dc=nationwidedir,dc=poc
        loginShell: /usr/bin/ksh
        homeDirectory: /home/abdol
        gecos: Abdol, Linda, 614-249-7111
        gidNumber: 280
        uidNumber: 52658
        uid: abdol
        givenName: Linda
        sn: Abdo
        objectClass: inetOrgPerson
        objectClass: nwPersonInfo
        objectClass: organizationalPerson
        objectClass: Person
        objectClass: ndsLoginProperties
        objectClass: Top
        objectClass: posixAccount
        objectClass: shadowAccount
        cn: ABDOL
or
scott:root> ldaplist passwd abdol
dn: uid=abdol,ou=int,ou=people,dc=nationwidedir,dc=poc

Check how values are returned:#

  
getent passwd abdol
abdol:x:52658:280:Abdol, Linda, 614-249-7111:/home/abdol:/usr/bin/ksh
or
getent group tty
tty::7:root,adm

Check the ldap client is running:#

svcs -l network/ldap/client:default

Notes#

Note that Solaris "ldapclient" has an irritating habit of resetting the "hosts:" entry to "hosts: files ldap". This should be adjusted back to "hosts: files dns"; otherwise something like telnet/ftp/ssh will break on hostname lookup.
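
One way to check for the reset described in the note above, as an added example that is not part of the original page. The function names and the sample nsswitch.conf contents are constructed for illustration; fix_hosts writes a corrected copy to standard output and never modifies the file it reads.

```shell
#!/bin/sh
# Added example: function names and sample data are constructed.

# Print the sources on the hosts: line, without any trailing comment.
# Exits non-zero when the file has no hosts: line.
hosts_sources() {
    awk '
        /^[ \t]*hosts:/ {
            sub(/#.*/, "")
            sub(/^[ \t]*hosts:[ \t]*/, "")
            sub(/[ \t]+$/, "")
            gsub(/[ \t]+/, " ")
            print
            found = 1
            exit
        }
        END { if (!found) exit 1 }
    ' "$1"
}

# 0 = dns is consulted, 1 = dns missing (the state ldapclient leaves
# behind), 2 = no hosts: line at all.
check_hosts() {
    sources=$(hosts_sources "$1") || return 2
    case " $sources " in
        *" dns "*) return 0 ;;
        *)         return 1 ;;
    esac
}

# Emit a corrected copy on stdout; every other line is passed through.
fix_hosts() {
    sed 's/^[[:space:]]*hosts:.*/hosts:      files dns/' "$1"
}

# Constructed sample of nsswitch.conf as left by ldapclient.
sample=$(mktemp)
cat > "$sample" <<'EOF'
passwd:     files ldap
group:      files ldap
hosts:      files ldap
automount:  files ldap
EOF

if check_hosts "$sample"; then
    echo "hosts: ok ($(hosts_sources "$sample"))"
else
    echo "hosts: dns missing ($(hosts_sources "$sample")); corrected copy:"
    fix_hosts "$sample"
fi
rm -f "$sample"
```

On a real client, pass /etc/nsswitch.conf as the argument. On Solaris, run the script with ksh or /usr/xpg4/bin/sh, because the legacy /bin/sh does not support the $( ) form of command substitution.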

This page (revision-8) was last changed on 20-Jan-2013 12:11 by jim