67 timeout_seconds='60'> |
49 timeout_seconds='60'> |
68 <method_context> |
50 <method_context> |
69 <method_credential |
51 <method_credential |
70 user='openldap' |
52 user='openldap' |
71 group='openldap' |
53 group='openldap' |
72 privileges='basic,net_privaddr,file_dac_read,file_dac_write,file_dac_search' /> |
54 privileges='basic,{net_privaddr}:389/tcp,{net_privaddr}:636/tcp' /> |
73 </method_context> |
55 </method_context> |
74 </exec_method> |
56 </exec_method> |
75 |
57 |
76 <exec_method |
58 <exec_method |
77 type='method' |
59 type='method' |
78 name='stop' |
60 name='stop' |
79 exec='/lib/svc/method/ldap-olslapd stop %{restarter/contract}' |
61 exec='/lib/svc/method/ldap-olslapd stop %{restarter/contract}' |
80 timeout_seconds='60' /> |
62 timeout_seconds='60' /> |
81 |
63 |
82 <property_group name='startd' type='framework'> |
64 <property_group name='general' type='framework'> |
83 <!-- sub-process core dumps shouldn't restart |
65 <!-- start and stop "init" instance --> |
84 session --> |
66 <propval name='action_authorization' type='astring' |
85 <propval name='ignore_error' type='astring' |
67 value='solaris.smf.manage.name-service.ldap.server' /> |
86 value='core,signal' /> |
68 <propval name='value_authorization' type='astring' |
|
69 value='solaris.smf.value.name-service.ldap.server' /> |
87 </property_group> |
70 </property_group> |
88 |
71 |
89 <template> |
72 <property_group name='config' type='application'> |
90 <common_name> |
73 <propval name='value_authorization' type='astring' |
91 <loctext xml:lang='C'> |
74 value='solaris.smf.value.name-service.ldap.server' /> |
92 slapd - OpenLDAP LDAP server |
75 <property name='urls' type='astring'> |
93 </loctext> |
76 <astring_list> |
94 </common_name> |
77 <value_node value='ldap:///' /> |
95 <documentation> |
78 <value_node value='ldaps:///' /> |
96 <manpage title='slapd' section='8oldap' |
79 <value_node value='ldapi:///' /> |
97 manpath='/usr/share/man' /> |
80 </astring_list> |
98 <doc_link name='openldap.org' |
81 </property> |
99 uri='http://www.openldap.org' /> |
82 </property_group> |
100 </documentation> |
83 |
101 </template> |
84 <property_group name='cred' type='application'> |
|
85 <stability value='Evolving'/> |
|
86 <propval name='read_authorization' type='astring' |
|
87 value='solaris.smf.read.name-service.ldap.server' /> |
|
88 <propval name='value_authorization' type='astring' |
|
89 value='solaris.smf.value.name-service.ldap.server' /> |
|
90 <propval name='backend_passwd' type='astring' value=''/> |
|
91 <propval name='admin_passwd' type='astring' value=''/> |
|
92 <propval name='proxy_passwd' type='astring' value=''/> |
|
93 <propval name='backend_cn' type='astring' value='Manager'/> |
|
94 <propval name='admin_cn' type='astring' value='admin'/> |
|
95 <propval name='proxy_cn' type='astring' value='proxyagent'/> |
|
96 </property_group> |
|
97 |
|
98 <property_group name='profile' type='application'> |
|
99 <property_group name='default' type='application'> |
|
100 <propval name='server_list' type='astring' value='' /> |
|
101 <propval name='search_base' type='astring' value='dc=example,dc=com' /> |
|
102 <propval name='search_scope' type='astring' value='one' /> |
|
103 <propval name='credential_level' type='astring' value='proxy' /> |
|
104 <propval name='authentication_method' type='astring' value='tls:simple' /> |
|
105 <property name='service_search_descriptor' type='astring'> |
|
106 <astring_list> |
|
107 <value_node value='' /> |
|
108 </astring_list> |
|
109 </property> |
|
110 <propval name='value_authorization' type='astring' |
|
111 value='solaris.smf.value.name-service.ldap.server' /> |
|
112 </property_group> |
|
113 </property_group> |
|
114 |
|
115 <template> |
|
116 <common_name> |
|
117 <loctext xml:lang='C'> |
|
118 slapd - OpenLDAP LDAP server |
|
119 </loctext> |
|
120 </common_name> |
|
121 <description> |
|
122 <loctext xml:lang='C'> |
|
123 OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol |
|
124 </loctext> |
|
125 </description> |
|
126 <documentation> |
|
127 <manpage title='slapd' section='8oldap' |
|
128 manpath='/usr/share/man' /> |
|
129 <doc_link name='openldap.org' |
|
130 uri='http://www.openldap.org' /> |
|
131 </documentation> |
|
132 |
|
133 <pg_pattern name='config' type='application' |
|
134 target='this' required='true'> |
|
135 <description> <loctext xml:lang='C'> |
|
136 LDAP Name Service configuration data. |
|
137 </loctext> </description> |
|
138 <prop_pattern name='urls' type='astring' |
|
139 required='true'> |
|
140 <description> <loctext xml:lang='C'> |
|
141 Hostname and Port |
|
142 </loctext> </description> |
|
143 <cardinality min='1'/> |
|
144 </prop_pattern> |
|
145 </pg_pattern> |
|
146 |
|
147 <pg_pattern name='cred' type='application' |
|
148 target='this' required='true'> |
|
149 <description> <loctext xml:lang='C'> |
|
150 LDAP Name Service credential data. |
|
151 </loctext> </description> |
|
152 <prop_pattern name='backend_passwd' type='astring' |
|
153 required='true'> |
|
154 <description> <loctext xml:lang='C'> |
|
155 Backend Password |
|
156 </loctext> </description> |
|
157 <cardinality min='1' max='1'/> |
|
158 </prop_pattern> |
|
159 <prop_pattern name='admin_passwd' type='astring' |
|
160 required='true'> |
|
161 <description> <loctext xml:lang='C'> |
|
162 Admin Password |
|
163 </loctext> </description> |
|
164 <cardinality min='1' max='1'/> |
|
165 </prop_pattern> |
|
166 <prop_pattern name='proxy_passwd' type='astring' |
|
167 required='true'> |
|
168 <description> <loctext xml:lang='C'> |
|
169 Proxy Password |
|
170 </loctext> </description> |
|
171 <cardinality min='1' max='1'/> |
|
172 </prop_pattern> |
|
173 <prop_pattern name='backend_cn' type='astring' |
|
174 required='true'> |
|
175 <description> <loctext xml:lang='C'> |
|
176 Backend Common Name |
|
177 </loctext> </description> |
|
178 <cardinality min='1' max='1'/> |
|
179 </prop_pattern> |
|
180 <prop_pattern name='admin_cn' type='astring' |
|
181 required='true'> |
|
182 <description> <loctext xml:lang='C'> |
|
183 Admin Common Name |
|
184 </loctext> </description> |
|
185 <cardinality min='1' max='1'/> |
|
186 </prop_pattern> |
|
187 <prop_pattern name='proxy_cn' type='astring' |
|
188 required='true'> |
|
189 <description> <loctext xml:lang='C'> |
|
190 Proxy Common Name |
|
191 </loctext> </description> |
|
192 <cardinality min='1' max='1'/> |
|
193 </prop_pattern> |
|
194 </pg_pattern> |
|
195 |
|
196 <pg_pattern name='profile' type='application' |
|
197 target='this' required='true'> |
|
198 <description> <loctext xml:lang='C'> |
|
199 LDAP Name Service profile data. |
|
200 </loctext> </description> |
|
201 </pg_pattern> |
|
202 <pg_pattern name='default' type='application' |
|
203 target='this' required='false'> |
|
204 <description> <loctext xml:lang='C'> |
|
205 LDAP Name Service default profile data. |
|
206 </loctext> </description> |
|
207 <prop_pattern name='server_list' type='astring' |
|
208 required='false'> |
|
209 <description> <loctext xml:lang='C'> |
|
210 Server List |
|
211 </loctext> </description> |
|
212 <cardinality min='1'/> |
|
213 </prop_pattern> |
|
214 <prop_pattern name='search_base' type='astring' |
|
215 required='true'> |
|
216 <description> <loctext xml:lang='C'> |
|
217 Search Base |
|
218 </loctext> </description> |
|
219 <cardinality min='1' max='1'/> |
|
220 </prop_pattern> |
|
221 <prop_pattern name='search_scope' type='astring' |
|
222 required='false'> |
|
223 <description> <loctext xml:lang='C'> |
|
224 Search Scope |
|
225 </loctext> </description> |
|
226 <cardinality min='1' max='1'/> |
|
227 <constraints> |
|
228 <value name='base'> |
|
229 <description> <loctext xml:lang='C'> |
|
230 Search base DN |
|
231 </loctext> </description> |
|
232 </value> |
|
233 <value name='one'> |
|
234 <description> <loctext xml:lang='C'> |
|
235 Search one-level |
|
236 </loctext> </description> |
|
237 </value> |
|
238 <value name='sub'> |
|
239 <description> <loctext xml:lang='C'> |
|
240 Search Subtree |
|
241 </loctext> </description> |
|
242 </value> |
|
243 </constraints> |
|
244 <choices> |
|
245 <value name='base'/> |
|
246 <value name='one'/> |
|
247 <value name='sub'/> |
|
248 </choices> |
|
249 </prop_pattern> |
|
250 <prop_pattern name='credential_level' type='astring' |
|
251 required='false'> |
|
252 <description> <loctext xml:lang='C'> |
|
253 Credential Level(s) |
|
254 </loctext> </description> |
|
255 <cardinality min='1'/> |
|
256 <constraints> |
|
257 <value name='anonymous'> |
|
258 <description> <loctext xml:lang='C'> |
|
259 Anonymous - No bind |
|
260 </loctext> </description> |
|
261 </value> |
|
262 <value name='proxy'> |
|
263 <description> <loctext xml:lang='C'> |
|
264 Proxy - Bind with auth method and credentials |
|
265 </loctext> </description> |
|
266 </value> |
|
267 <value name='self'> |
|
268 <description> <loctext xml:lang='C'> |
|
269 Self - Bind using Kerberos credentials (sasl/GSSAPI) |
|
270 </loctext> </description> |
|
271 </value> |
|
272 </constraints> |
|
273 <choices> |
|
274 <value name='anonymous'/> |
|
275 <value name='proxy'/> |
|
276 <value name='self'/> |
|
277 </choices> |
|
278 </prop_pattern> |
|
279 <prop_pattern name='authentication_method' type='astring' |
|
280 required='false'> |
|
281 <description> <loctext xml:lang='C'> |
|
282 Authentication Method(s) |
|
283 </loctext> </description> |
|
284 <cardinality min='1'/> |
|
285 <constraints> |
|
286 <value name='none'> |
|
287 <description> <loctext xml:lang='C'> |
|
288 no authentication |
|
289 </loctext> </description> |
|
290 </value> |
|
291 <value name='simple'> |
|
292 <description> <loctext xml:lang='C'> |
|
293 simple authentication |
|
294 </loctext> </description> |
|
295 </value> |
|
296 <value name='sasl/CRAM-MD5'> |
|
297 <description> <loctext xml:lang='C'> |
|
298 sasl/CRAM-MD5 authentication |
|
299 </loctext> </description> |
|
300 </value> |
|
301 <value name='sasl/DIGEST-MD5'> |
|
302 <description> <loctext xml:lang='C'> |
|
303 sasl/DIGEST-MD5 authentication |
|
304 </loctext> </description> |
|
305 </value> |
|
306 <value name='sasl/DIGEST-MD5:auth-int'> |
|
307 <description> <loctext xml:lang='C'> |
|
308 sasl/DIGEST-MD5:auth-int authentication |
|
309 </loctext> </description> |
|
310 </value> |
|
311 <value name='sasl/DIGEST-MD5:auth-conf'> |
|
312 <description> <loctext xml:lang='C'> |
|
313 sasl/DIGEST-MD5:auth-conf authentication |
|
314 </loctext> </description> |
|
315 </value> |
|
316 <value name='sasl/EXTERNAL'> |
|
317 <description> <loctext xml:lang='C'> |
|
318 sasl/EXTERNAL authentication |
|
319 </loctext> </description> |
|
320 </value> |
|
321 <value name='sasl/GSSAPI'> |
|
322 <description> <loctext xml:lang='C'> |
|
323 sasl/GSSAPI authentication |
|
324 </loctext> </description> |
|
325 </value> |
|
326 <value name='tls:none'> |
|
327 <description> <loctext xml:lang='C'> |
|
328 tls:none authentication |
|
329 </loctext> </description> |
|
330 </value> |
|
331 <value name='tls:simple'> |
|
332 <description> <loctext xml:lang='C'> |
|
333 tls:simple authentication |
|
334 </loctext> </description> |
|
335 </value> |
|
336 <value name='tls:sasl/CRAM-MD5'> |
|
337 <description> <loctext xml:lang='C'> |
|
338 tls:sasl/CRAM-MD5 authentication |
|
339 </loctext> </description> |
|
340 </value> |
|
341 <value name='tls:sasl/DIGEST-MD5'> |
|
342 <description> <loctext xml:lang='C'> |
|
343 tls:sasl/DIGEST-MD5 authentication |
|
344 </loctext> </description> |
|
345 </value> |
|
346 <value name='tls:sasl/DIGEST-MD5:auth-int'> |
|
347 <description> <loctext xml:lang='C'> |
|
348 tls:sasl/DIGEST-MD5:auth-int authentication |
|
349 </loctext> </description> |
|
350 </value> |
|
351 <value name='tls:sasl/DIGEST-MD5:auth-conf'> |
|
352 <description> <loctext xml:lang='C'> |
|
353 tls:sasl/DIGEST-MD5:auth-conf authentication |
|
354 </loctext> </description> |
|
355 </value> |
|
356 <value name='tls:sasl/EXTERNAL'> |
|
357 <description> <loctext xml:lang='C'> |
|
358 tls:sasl/EXTERNAL authentication |
|
359 </loctext> </description> |
|
360 </value> |
|
361 <value name='tls:sasl/GSSAPI'> |
|
362 <description> <loctext xml:lang='C'> |
|
363 tls:sasl/GSSAPI authentication |
|
364 </loctext> </description> |
|
365 </value> |
|
366 </constraints> |
|
367 <choices> |
|
368 <value name='none'/> |
|
369 <value name='simple'/> |
|
370 <value name='sasl/CRAM-MD5'/> |
|
371 <value name='sasl/DIGEST-MD5'/> |
|
372 <value name='sasl/DIGEST-MD5:auth-int'/> |
|
373 <value name='sasl/DIGEST-MD5:auth-conf'/> |
|
374 <value name='sasl/EXTERNAL'/> |
|
375 <value name='sasl/GSSAPI'/> |
|
376 <value name='tls:none'/> |
|
377 <value name='tls:simple'/> |
|
378 <value name='tls:sasl/CRAM-MD5'/> |
|
379 <value name='tls:sasl/DIGEST-MD5'/> |
|
380 <value name='tls:sasl/DIGEST-MD5:auth-int'/> |
|
381 <value name='tls:sasl/DIGEST-MD5:auth-conf'/> |
|
382 <value name='tls:sasl/EXTERNAL'/> |
|
383 <value name='tls:sasl/GSSAPI'/> |
|
384 </choices> |
|
385 </prop_pattern> |
|
386 <prop_pattern name='service_search_descriptor' type='astring' |
|
387 required='false'> |
|
388 <description> <loctext xml:lang='C'> |
|
389 Service Search Descriptor(s) |
|
390 </loctext> </description> |
|
391 <cardinality min='1'/> |
|
392 </prop_pattern> |
|
393 </pg_pattern> |
|
394 </template> |
102 </instance> |
395 </instance> |
103 |
396 |
104 <stability value='Evolving' /> |
397 <stability value='Evolving' /> |
105 </service> |
398 </service> |
106 |
399 |
107 </service_bundle> |
400 </service_bundle> |