Darren, On Nov 13, 2008, at 12:47 PM, Gilles Bellaton wrote:
> I'm adding Carole and Ludo in copy as they will be able to answer > more precisely than me > to your questions. > >> The "into OpenSolaris" and an install location of /opt/opends are >> incompatible. If the intention is delivery as part of OpenSolaris >> then surely it should be installed in an integrated rather than >> unbundled location ? > Our intention is to deliver in the non WOS of OpenSOlaris as > described here : > http://wikihome.sfbay.sun.com/spe-re/Wiki.jsp?page=Indiana_docks > So in a way similar to netbeans and glassfish > > We were thinking that /opt would be the appropriate location for > such a delivery. >> >> What is the SMF service FMRI and what SMF method credential does it >> run with? > Carole, can you help me on this ? The FMRI as of today is planned as "network/ldap/opends". Feedback and alternate suggestions are welcome. I have little experience with the best practices for FMRI. After package installation, the Administrator must run a command to specify the location of the Database, the user and group for running the instance. If the user "opends" and group "opends" exist on the system, they will be proposed by default. The SMF method credentials would then be as below : <method_credential user='opends' group='opends' privileges='basic,net_privaddr,sys_resource,!proc_info,!file_link_any' limit_privileges='basic,net_privaddr,sys_resource,!proc_info,! file_link_any' /> > >> >> What are the steps required to make this OpenDS delivery usable as >> the LDAP backend for the OpenSolaris nsswitch ? Where is this >> documented on how to do it ? Are all the required LDIF/schema >> files delivered or are they reusing ones already in Solaris >> (including for the Solaris RBAC databases - the package map seems >> to hint at this). Could you point me to the schema files that are delivered in Solaris (OpenSolaris) for example for Solaris RBAC databases ? The only reference to LDAP schema I could find was Kerberos and the Solaris schema part of the idsconfig code. The intend of the OpenDS project is to deliver the schema files required so that OpenDS requires as little configuration as possible (still need to populate the server with DIT structure, content and access controls). Regards, Ludovic. >> > The procedure to use OpenDS as a naming service as been described > here. > The OpenDS package delivers all the necessary schema files. > > Gilles > >> >> All of the above are the minimum things I'd expect given the >> "Integration into OpenSolaris". I can maybe live with /opt/opends >> as the install location but the lack of an SMF service and easy way >> to make it the nsswitch LDAP target I can not. >> >> -- >> Darren J Moffat > Ludovic Poitou Sun Microsystems Inc. OpenDS Community Lead Directory Services http://blogs.sun.com/Ludo/ Grenoble Engineering Center - France Sun Microsystems requires the following notice: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
