22 SPARC Enterprise Mx000 Servers Administration Guide • November 2007
■ Optional: The IP address or hostname, and port, of up to two alternative LDAP
directories
■ The distinguished name (DN) of the search base to use for lookup
■ Whether Transport Layer Security (TLS) is to be used
3. Verify that the LDAP service is working.
On the LDAP server, you create an LDAP schema with privilege properties. The
schema contains the following:
You also add the following required attributes for each user on the LDAP server, as
shown in
TABLE 3-2.
A sample file entry is:
CODE EXAMPLE 3-1 LDAP Schema
attributetype ( 1.3.6.1.1.1.1.40 NAME ’spPrivileges’
DESC ’Service Processor privileges’
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
objectclass ( 1.3.6.1.1.1.2.13 NAME ’serviceProcessorUser’ SUP top
AUXILIARY
DESC ’Service Processor user’
MAY spPrivileges )
TABLE 3-2 LDAP LDIF File Attributes
Field Name Description
spPrivileges A valid privilege on the Service Processor
homeDirectory The location of the home directory on the Service Processor:
/scf/home
loginShell The login shell on the Service Processor: /scf/bin/rbash
uidNumber The user ID number on the Service Processor. The
uidnumber must be greater than 100. Use the showuser
command to display UIDs.
CODE EXAMPLE 3-2 Sample LDAP LDIF File Attributes
spPrivileges: platadm
homeDirectory: /scf/home
loginShell: /scf/bin/rbash
uidNumber: 150
