The Solaris Trusted Extensions Installation and Configuration Guide seem to have at least two errors when it comes to populating the LDAP server. I have installed Directory Server 5.2Q4 on Solaris 10 11/06/TX (April 2007, 10_x86_Recommended patches installed) and Solaris Express 55b/TX systems and I've run into a problem trying to load exec_attr into DS with the ldapaddent command. The exec_attr will not load into the LDAP server if the Trusted Extensions actions are in the file. Loading an exec_attr file from a vanilla Solaris 10 system does not cause any problems. If the exec_attr from a TX system is used I get the following message when I attempt to load it using ldapaddent:
invalid parameter(s) passed. Error while adding line: All Actions:solaris:act:::*;*;*;*;*: 0 entries added Removing the offending entry only causes the message to move to the next entry also added by TX. If I remove all the TX related entries I can load the exec_attr. With the exception of a minor issue with prof_attr mentioned below all other files in /setup/files installed without error if you follow the instructions in the guide. Am I missing something? There is also a minor error in the instructions involving prof_attr. While the instructions have you remove ?:::::? from auth_attr there is no mention about removing :::: from prof_attr. This is necessary to load prof_attr into LDAP. A minor inconvenience but easily remedied. Has anyone else run into these problems? Am I missing a patch? Looking at the documentation that was on the CD for the older Solaris Express 44b exec_attr is not listed as a file that needs to be loaded into LDAP. Was this an oversight in the older documentation? Any help would be appreciated. Thank you. This message posted from opensolaris.org
