3-6 Oracle Authentication Services for Operating Systems Administrators Guide Configuring Oracle Authentication Services for Operating Systems on the Client You configure each client for UNIX or Linux authentication by running a client configuration script. Follow these steps. Solaris 9 The following steps are specific to Solaris 9.

1. On Solaris 9 only, download the Sun Java System Directory Server Resource Kit

SDRK52 and install it as root.

2. After installing the Sun Java System Directory Server Resource Kit, before you run

the client configuration script, modify the environment variables PATH and LD_ LIBRARY_PATH so that PATH includes installrootlibnssbin and LD_ LIBRARY_PATH includes installrootlib, where installroot is the directory where you installed the Sun Java System Directory Server Resource Kit For example, if you installed the software in usr, add usrlibnssbin to PATH and add usrlib to LD_LIBRARY_PATH.

3. Perform the tasks described under

All Client Platforms on page 3-8. AIX 5.3 The following steps are specific to AIX 5.3. Install the LDAP Client on AIX The base AIX 5L LDAP client is packaged in the ldap.client file sets located on the AIX 5L product media. If you plan to use SSL to connect to the LDAP server, you must install the gskta.rte and ldap.max_crypto_client file sets located on the AIX 5L Expansion Pack. The installation procedure is described in Install SSL-Related Client Packages on AIX on page 3-8.

1. Install the base AIX LDAP client package. You can find it in the ldap.client file

sets located on the AIX 5L product media. Execute the following command to install the basic package: installp -acgXd LPPSOURCE ldap.client where LPPSOURCE is the location of your Licensed Product Packages LPPs. 2. Verify the installation by typing the following command: lslpp -l ldap See Also: ■ Appendix E, Sample Script Output ■ Appendix F, LDAP Containers Added by Configuration Script Note: You can also use SMIT or the Web-based System Manager to install the LPPs. Configuring Oracle Authentication Services for Operating Systems 3-7 The output from the lslpp command should include ldap.client.adt and ldap.client.rte. Add At Least One User and One Group to Oracle Internet Directory on AIX Before you execute the client script on AIX, you must add at least one user and group to LDAP. Otherwise, the mksecldap command executed by the configuration script on AIX might fail with one of these error messages: Cannot find users from all base DN client setup failed. Cannot find the group base DN from the LDAP server. Client setup failed. To prevent this problem, you can simply add one user and one group, or you can migrate all your users and groups to Oracle Internet Directory now, rather than waiting until you have run the configuration script. To migrate all your users and groups, proceed as follows:

1. Convert local system entries to LDAP entries by using the sectoldif command.