To Manage LDAP

Solaris Management Console 2.1 supports LDAP management, although version 2.0 does not.

To set up Solaris Management Console 2.1 to manage LDAP users and projects, follow these steps:

  1. As root, register the LDAP administrative credentials with Solaris Management Console via the /usr/sadm/bin/dtsetup storeCred command. Note that the Administrator DN argument given here is just an example and this will vary, based on your LDAP setup.

    # /usr/sadm/bin/dtsetup storeCred
    Administrator DN:cn=Directory Manager
    Password:xxxxxx
    Password (confirm):xxxxxx

  2. Verify communication with Directory Service, using the following command:

    # /usr/sadm/bin/dtsetup scopes
    Getting list of managable scopes...
    Scope 1 file:/myhost/myhost
    Scope 2 ldap:/myhost/dc=myhost,dc=mycompany,dc=com

    The LDAP scope listed is similar to the example scope above.

  3. Create a toolbox for managing LDAP within Solaris Management Console using the scope reported in step 2. You can either create a brand new toolbox, or edit the default toolbox to have LDAP instead of files scope.

    To create a copy of the default toolbox (with all the standard Solaris Management Console tools) that can manage your new LDAP scope, do the following:

    At the command line, type /usr/sadm/bin/smc edit to launch the toolbox editor.

    In the Navigation tree, click the Toolbox URL entry corresponding to "this_computer.tbx." This will usually be the first entry under Management Tools.

    Launch the Toolbox URL Wizard by clicking Action->Properties.

    Click Next until you reach "Step 6 - Management Scope."

    Click the Override radio button and select LDAP from the Management Scope drop down menu. Verify that the correct hostname is entered in the server field, and then enter your LDAP domain as listed in step 2 above (in this example, you should enter dc=myhost,dc=mycompany,dc=com in the domain field). Now click Finish.

    Make sure you save the newly created toolbox before exiting the editor. Click Toolbox->Save As. Make note of the toolbox file name and directory you save the toolbox to. You will need this later. Once you have saved the toolbox, exit the editor.

  4. Start the console and select your new LDAP toolbox. At the command line, type /usr/sadm/bin/smc. Once the console launches, open the new toolbox by clicking Console->Open Toolbox. Use the Local Toolbox tab to browse to and select the .tbx file you created in Step 3.

    Once you select the file and click Open, you are ready to manage your LDAP domain.