The ldapaddent command must be run on an LDAP client, since it does not include an option to specify the server to be populated. Instead, it uses the existing LDAP client profile to determine this information.
You can set up the LDAP server as a client of itself, which allows you to run ldapaddent on the server directly. However, in this case the order in which the server (ns-slapd) and client (ldap_cachemgr) processes are started at boot time is important. If the server is not ready to respond when ldap_cachemgr starts, you system may appear to hang or the svc:/network/ldap/client:default service may transition to the maintenance state. I don't recommend this configuration for production systems, but it is useful for informal testing. Once you have run idsconfig on the server, it is ready to accept client connections, even before it is populated (step 9). In fact you can perform all steps in the "Populate the Sun Java System Directory Server" section on a client machine. smattrpop only supports loading the four RBAC databases: auth_attr, exec_attr, prof_attr, and user_attr. Since ldapaddent supports these as well, I prefer to use it for everything. --Nathan This message posted from opensolaris.org
