sipazzo wrote: > Hello, I am trying to set up a default profile for my Solaris 10 IPA clients > as recommended. I generated a profile on a Solaris with the attributes I > needed except I got an "invalid parameter" error when specifying the > domainName attribute like this -a domainName=example.com even though this > parameter works when I use it in ldapclient manual. More of an issue though > is I have been unable to find documentation on getting the profile > incorporated into the ipa server. How do I get this profile on the ipa server > and make it available to my Solaris clients? Also, my understanding is the > clients periodically check this profile so they stay updated with the latest > configuration information. What generates this check? Is it time based, a > restart of a service or ?? > > Thank you for any assistance. >
It's been forever since I configured a Solaris anything client but I can tell you where the profile gets stored: cn=profilename,cn=default,ou=profile,$SUFFIX IPA ships with a default profile of: dn: cn=default,ou=profile,$SUFFIX ObjectClass: top ObjectClass: DUAConfigProfile defaultServerList: $FQDN defaultSearchBase: $SUFFIX authenticationMethod: none searchTimeLimit: 15 cn: default serviceSearchDescriptor: passwd:cn=users,cn=accounts,$SUFFIX serviceSearchDescriptor: group:cn=groups,cn=compat,$SUFFIX bindTimeLimit: 5 objectClassMap: shadow:shadowAccount=posixAccount followReferrals:TRUE The full schema can be found at http://docs.oracle.com/cd/E23824_01/html/821-1455/schemas-17.html So if your profile is named foo you'd invoke it with something like: # ldapclient init -a profileName=foo ipa.example.com rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project