Solaris Configuration

Fanout Driver Configuration#

1. Make sure the host your installing Platform Services on is setup as a Platform in iManager Fan Out Driver Configuration.

2. Copy The solarisx86_platformservices.tar or solaris_platformservices.tar depending on whether it is running on SPARC or x86 architecture to the AIX platform.

3. Copy the patched pam_ascauth.so library file for the x86 or sparc platform from the correct zip to the server. If you are running x86 copy the attached solaris_x86_pam_ascauth.zip(info), and if you are running sparc copy the attached solaris_sparc_pam_ascauth.zip(info)

We had a "patched" pam_ascauth.so file. You probably will not need if you use the latest patches.

4. Copy the attached pam.conf.sample(info) to the Server.

5. Extract the solaris_platformservices.tar or solarisx86_platformservices.tar

6. Execute the install script in the extracted /ASAM/setup/ folder.

7. Extract the solaris_x86_pam_ascauth.zip or solaris_sparc_pam_ascauth.zip

8. copy the extracted pam_ascauth.so library file to the right location with the below.

cp pam_ascauth.so /usr/local/ASAM/bin/PlatformServices/PlatformClient/pam_ascauth.so

9. Execute the script /usr/local/ASAM/bin/PlatformServices/plat-config (This will configure your /usr/local/ASAM/data/asamplat.conf file and then connect with the directory to mint the SSL certificate for secure communication with the driver.) If the certificate was not minted, and it gives an error then you will need to debug that error and reexecute the

 /usr/local/ASAM/bin/PlatformServices/PlatformServicesProcess/asampsp -s 
to mint the SSL certificate.

10. Edit the file /usr/local/ASAM/data/asamplat.conf and add the line UPDATEPASSWORD to the bottom.

11. Copy /etc/pam.conf to pam.conf.orig with the below commands:

cp /etc/pam.conf pam.conf.orig

12. Replace or make the proper changes to the /etc/pam.conf file. Replacing it will be just fine with cp ./pam.conf.sample /etc/pam.conf

13. copy the Startup Scripts to the init location with these commands:

cp /usr/local/ASAM/data/UnixStartupScripts/asampspd /etc/init.d
cp /usr/local/ASAM/data/UnixStartupScripts/asamrcvrd /etc/init.d

14. Change the permissions on the init scripts with these commands:

chmod 0744 /etc/init.d/asampspd
chmod 0744 /etc/init.d/asamrcvrd

15. Change the Owner and group of the init scripts with these commands:

chown root:sys /etc/init.d/asampspd
chown root:sys /etc/init.d/asamrcvrd

16. Change your directory to /etc/init.d and issue the following commands:

ln asampspd /etc/rc3.d/S98asampspd
ln asamrcvrd /etc/rc3.d/S99asamrcvrd

ln asampspd /etc/rc0.d/K98asampspd
ln asamrcvrd /etc/rc0.d/K99asamrcvrd

17. Check that they have been created correctly with this command:

ls /etc/init.d/*asam* /etc/rc3.d/*asam* /etc/rc0.d/*asam*

18. On some Solaris systems you may need to change the base directory for useradd in order for the Platform Services scripts to function properly by executing the following command. This is only needed if you want to set the default location that users would be created to something other than the current default on the platform. You can determine the current default parameters by using:

useradd -D
To set the default home directory, use.
useradd -D -b /export/home
To set other default, man useradd

19. Start the Daemons

/etc/rc3.d/S98asampspd start
/etc/rc3.d/S99asamrcvrd start

20. Verify the Daemons have started and if there is a problem with one of them starting you will either need to debug why or try and start it again.

ps -eaf | grep asam

21. Test Authentication with a provisioned eUser.

More Information#

There might be more information for this subject on one of the following: