MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


Standards, Environments, and Macros                         ad(5)



NAME
     ad - Active Directory as a naming repository

DESCRIPTION
     Solaris clients can obtain naming  information  from  Active
     Directory (AD) servers.


     The Solaris system must first join an AD domain and then add
     the   ad   keyword   to   the  appropriate  entries  in  the
     nsswitch.conf(4) file.  The  Solaris  system  joins  the  AD
     domain  by  using the  kclient(1M) utility. The AD name ser-
     vice only supports  the  naming  databases  for  passwd  and
     group.


     Windows users are not able to log in. The userattr(4) data-
     base  has  no  entries  for Windows users, and the passwd(1)
     command does not support the synchronization of  user  pass-
     words with AD.


     The Solaris AD client uses auto-discovery techniques to find
     AD  directory servers, such as domain controllers and global
     catalog servers. The client also uses the LDAP  v3  protocol
     to  access naming information from AD servers. The AD server
     schema requires no modification because the AD client  works
     with  native  AD  schema.  The  Solaris  AD  client uses the
     idmap(1M) service to map between Windows  security  identif-
     iers  (SIDs)  and  Solaris user identifiers (UIDs) and group
     identifiers (GIDs). User names and  group  names  are  taken
     from  the  sAMAccountName attribute of the AD user and group
     objects and then tagged with the domain  where  the  objects
     reside.  The  domain name is separated from the user name or
     group name by the @ character.


     The client uses the  SASL/GSAPI/KRB5  security  model.  The
     kclient utility is used to join the client to AD. During the
     join  operation,  kclient  configures  Kerberos  v5  on  the
     client. See kclient(1M).

FILES
     /etc/nsswitch.conf      Configuration  file  for  the  name-
                             service switch.


     /etc/nsswitch.ad        Sample configuration  file  for  the
                             name-service  switch configured with
                             ad, dns and files.





SunOS 5.11          Last change: 22 Oct 2008                    1






Standards, Environments, and Macros                         ad(5)



     /usr/lib/nssad.so.1    Name service switch module for AD.


SEE ALSO
     passwd(1),  svcs(1),  idmap(1M),  idmapd(1M),   kclient(1M),
     svcadm(1M),    svccfg(1M),   svccfg(1M),   nsswitch.conf(4),
     userattr(4), smf(5)
















































SunOS 5.11          Last change: 22 Oct 2008                    2
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™