sipazzo wrote:
> Hello, I am trying to set up a default profile for my Solaris 10 IPA clients 
> as recommended. I generated a profile on a Solaris with the attributes I 
> needed except I got an "invalid parameter" error when specifying the 
> domainName attribute like this -a even though this 
> parameter works when I use it in  ldapclient manual. More of an issue though 
> is I have been unable to find documentation on getting the profile 
> incorporated into the ipa server. How do I get this profile on the ipa server 
> and make it available to my Solaris clients? Also, my understanding is the 
> clients periodically check this profile so they stay updated with the latest 
> configuration information. What generates this check? Is it time based, a 
> restart of a service or ??
> Thank you for any assistance.

It's been forever since I configured a Solaris anything client but I can
tell you where the profile gets stored:

IPA ships with a default profile of:

dn: cn=default,ou=profile,$SUFFIX
ObjectClass: top
ObjectClass: DUAConfigProfile
defaultServerList: $FQDN
defaultSearchBase: $SUFFIX
authenticationMethod: none
searchTimeLimit: 15
cn: default
serviceSearchDescriptor: passwd:cn=users,cn=accounts,$SUFFIX
serviceSearchDescriptor: group:cn=groups,cn=compat,$SUFFIX
bindTimeLimit: 5
objectClassMap: shadow:shadowAccount=posixAccount

The full schema can be found at

So if your profile is named foo you'd invoke it with something like:

# ldapclient init -a profileName=foo


Manage your subscription for the Freeipa-users mailing list:
Go To for more info on the project

Reply via email to