Book description
LDAP in the Solaris Operating EnvironmentDeploying Secure Directory Services
Provides an in-depth discussion of Solaris Operating Environment security methods and how they relate to LDAP as a naming service
Covers migration planning tips from NIS/NIS+ to an LDAP-based naming service including capacity planning
Presents an overview of LDAP tools and toolkits, and how they are used to administer LDAP as a naming service
Discusses performance principles and benchmarking techniques for optimizing directory server performance
LDAP in the Solaris Operating Environment is a follow-on to the Sun BluePrints book Solaris and LDAP Naming Services, and describes the significant improvements to the Solaris LDAP client and directory server. Deploying the Solaris Secured LDAP Client is covered in detail. This Sun BluePrints book introduces NIS/NIS+ migration tools and techniques to aid in the transition to an LDAP-based naming service. Troubleshooting tips, examples of extending Solaris authentication methods, and examples of extending Solaris authentication methods using the Pluggable Authentication Module (PAM) framework are provided.
Table of contents
- Copyright
- Acknowledgments
- Preface
- 1. Introducing LDAP in the Solaris Operating Environment
-
2. Assessing Your Needs for Naming Service Transition and Consolidation
- What Consolidation Means
- Business Case for Transitioning to LDAP
- Understanding Legacy Naming Services
-
Migration Planning
-
Collecting Data and Resolving Conflicts
- passwd and shadow Databases
- group Database
- hosts Database
- ipnodes Database
- ethers Database
- bootparams Database
- netgroup Database
- networks Database
- netmasks Database
- aliases Database
- services Database
- protocol Database
- rpc Database
- publickey Database
- automount Database
- Role-Based Access Control (RBAC) Databases
- User-Defined (Custom) NIS Maps
- Establishing Unique IDs
- Choosing NIS/NIS+ Migration Tools
-
Collecting Data and Resolving Conflicts
-
3. Defining Directory Service Security Architecture
- Understanding Directory Server Security
- Understanding the SASL Mechanism
- GSSAPI Authentication and Kerberos v5
-
TLSv1/SSL Protocol Support
- SSL Background
- TLS Background
- TLSv1/SSL in the Sun ONE Directory Server 5.2 Software
- Security Databases
- Enabling TLSv1/SSL in the Sun ONE Directory Server 5.2 Software
- Using the Command Line to Obtain and Install Server Certificates
- Activating TLSv1/SSL in the Sun ONE Directory Server 5.2 Software
- Understanding and Using TLSv1/SSL LDAP Client Architecture
- Start TLS Overview
- Enhanced Solaris OE PAM Features
- Secured LDAP Client Backport to the Solaris 8 OE
-
4. Deploying Solaris OE LDAP Naming Services
- Understanding the DIT
-
Differentiating Server and Client Versions
- Directory Server Versions
- LDAP Name Service Client Versions
- Mixing Client and Server Versions
-
Configuring Sun ONE Directory Servers and Clients
-
Configuring the Directory Server
- To Verify the Installation of the Sun ONE Directory Server 5.2 Packages
- To Run the idsktune Command
- To Configure the Directory Server Software
- To Set up the Directory Server (Interactive Mode)
- To Set Up the Administration Server (Interactive Mode)
- To Set Up the Directory Server (Silent Mode)
- To Set Up the Administration Server (Silent Mode)
- To Run the idsconfig Command (Interactive Mode)
- To Run the idsconfig Command (Silent Mode)
- Enabling TLS/SSL on the Directory Server
- Configuring the Clients
-
Configuring the Directory Server
- Automating Installations
- Choosing High-Availability Options
- Troubleshooting Tips
-
5. Migrating Legacy Data to LDAP
- Mapping Naming Service Data to LDAP Entries
- Running ldapaddent
- Importing Other Databases
-
LDAP to NIS+ Gateway
- What Is a Gateway?
- NIS+ Gateway Components
- Using the Gateway as a Transition Tool
- rpc.nisd - Configuration File for NIS+ Service Daemon
- Configuring the Sun ONE Directory Server Software as a Configuration Server for rpc.nisd
- How NIS+ Data is Mapped to LDAP
- Additional Schema Definitions
- NIS+ to LDAP Mapping
- Using the Default Configuration Files
- NIS+ to LDAP Migration Example
-
6. Management Tools and Toolkits
- Command-Line Tools
- GUI-based Tools
- Toolkits and LDAP APIs
- 7. Performing Administrative Tasks
- 8. Selecting Storage for Optimum Directory Server Performance
-
9. Performing Directory Server Benchmarks
- Why Benchmark?
- Creating a Benchmark Configuration
- Creating LDIF for Benchmarks
-
Using SLAMD, the Distributed Load Generation Engine
- SLAMD Overview
- Installation Prerequisites
- Installing the SLAMD Server
- SLAMD Clients
- The SLAMD Administration Interface
- Scheduling Jobs for Execution
- Viewing Job Execution Results
-
The Default Job Classes
- Null Job
- Exec Job
- HTTP GetRate Job
- LDAP SearchRate Job
- Weighted LDAP SearchRate Job
- LDAP Prime Job
- LDAP ModRate Job
- LDAP ModRate with Replica Latency Job
- LDAP AddRate Job
- LDAP AddRate with Replica Latency Job
- LDAP DelRate Job
- LDAP DelRate with Replica Latency Job
- LDAP CompRate Job
- LDAP AuthRate Job
- LDAP DIGEST-MD5 AuthRate Job
- LDAP Search and Modify Load Generator Job
- LDAP Load Generator with Multiple Searches Job
- Solaris OE LDAP Authentication Load Generator Job
- SiteMinder LDAP Load Simulator Job
- POP CheckRate Job
- IMAP CheckRate Job
- Calendar Initial Page Rate Job
- Adding New Job Classes
- Using the Standalone Client
- Typical SLAMD Architecture
- Directory Server Performance Tuning
- 10. Emerging Directory Technologies
- A. LDAP Standards Information
- B. LDAP v3 Result Codes
- C. Using snoop with LDAP
- D. Solaris OE 9 PAM Architecture
- Glossary
Product information
- Title: LDAP in the Solaris™ Operating Environment: Deploying Secure Directory Services
- Author(s):
- Release date: September 2003
- Publisher(s): Pearson
- ISBN: 0131456938
You might also like
book
Solaris 8 Security
Solaris 8 Security covers all the concepts and issues Solaris 8 administrators need to know in …
book
Building a Monitoring Infrastructure with Nagios
Build real-world, end-to-end network monitoring solutions with Nagios This is the definitive guide to building low-cost, …
book
Solaris™ 10 System Administration Essentials
is the first book to concisely yet comprehensively cover all of the breakthrough features of the …
book
Windows 2000 Administration in a Nutshell
Anyone who installs Windows 2000, creates a user, or adds a printer is a 2000 system …