34 SPARC Enterprise Mx000 Servers Administration Guide • November 2007
2. Type the setlookup command:
The -a option sets the authentication lookup to either local or in LDAP; the -p
option sets the privileges lookup to either local or in LDAP. When local is
specified, lookup is only done locally; when ldap is specified, lookup is first
done locally, then in LDAP if not found locally.
3. To verify the operation, type the showlookup command.
▼ To Configure the XSCF as an LDAP Client
Make sure you have added an LDAP privileges schema to the LDAP server, and
attributes for each user on the LDAP server. Refer to
CODE EXAMPLE 3-1 and
CODE EXAMPLE 3-2 for information.
1. Log in to the XSCF console with useradm privileges.
2. Type the setldap command:
where bind is the bind name, baseDN is the base Distinguished Name, certchain is
an LDAP server certificate chain, -p sets the password to use when binding to
the LDAP server (you are prompted for the password), servers sets the primary
and secondary LDAP servers and ports, user tests the server connection and
password for the specified user, and timeout is the maximum amount of time
allowed for an LDAP search before search results are returned. For more
information on LDAP, refer to the setldap(8) man page, to the SPARC Enterprise
M4000/M5000/M8000/M9000 Servers XSCF User’s Guide, and to the Solaris OS
documentation collection.
3. To verify the operation, type the showldap command.
XSCF> setlookup -a local|ldap
XSCF> setlookup -p local|ldap
XSCF> showlookup
XSCF> setldap [-b bind] [-B baseDN] [-c certchain] [-p] [-s servers] [-
t user] -T timeout
XSCF> showldap
