Sun Microsystems V40Z Server User Manual


 
88 Sun Fire V20z and Sun Fire V40z Servers, Server Management Guide May, 2004
TABLE B-15 lists the arguments for this subcommand.
To use ADS as a directory service on the SP, you must create an active directory
account. The name-service library on the SP uses this account to authenticate itself to
the LDAP interface of the active directory server. A Windows administrator can
create the keytab for this account using the following command:
ktpass -princ <logon>@<domain> -pass <password> -mapuser <logon> -out
<output filename>
The keytab file must then be securely transferred to the SP using an encrypted
file-transfer mechanism.
The clock on the SP must be accurate and DNS must be set up (meaning that the SP
must have a DNS record).
If a directory service has been previously enabled, you can specify the following
command and options; the saved settings are then used to re-enable the service.
access enable service -t <nis | ads>
Return Codes
TABLE B-16 lists the return codes for this subcommand.
TABLE B-15 Arguments for Subcommand access enable service
Argument Description
{-d | --domain} Specifies the domain name.
{-s | --server} Specifies the server.
{-k | --keytab} For ADS only: Specifies the ADS keytab file name.
{-o | --ou} For ADS only: Specifies the organizational unit under which the
name-service library looks for group data.
{-l | --logon} For ADS only: Specifies the logon ID for the active directory
account.
TABLE B-16 Return Codes for Subcommand access enable service
Return Code ID Description
NWSE_Success 0 Command successfully completed.
NWSE_InvalidUsage 1 Invalid usage: bad parameter usage, conflicting
options specified.
NWSE_RPCTimeout 2 Request was issued, but was not serviced by the
server. RPC procedure timed out and the request
may or may not have been serviced by the server.