Friday, February 06, 2015

Oracle Solaris 11 Derived Manifest and modifying the boot system

This is a follow on from last last blog entry "Oracle Solaris 11 Derived Manifest with Automated Installation", where I mentioned that I could not examine the disk partitions of the new system since the aiuser does not have permission to run fdisk.

Quote: "The derived manifest script can run commands to read system attributes. AI runs the script as role aiuser. The aiuser role has all the privileges of a non-privileged user plus the following additional privileges: solaris.network.autoconf.read, solaris.smf.read.* 

The aiuser role is non-privileged except that it can read more information from the system than other non-privileged users. The aiuser role cannot change the system."

Wednesday, November 26, 2014

Oracle Solaris 11 Derived Manifest with Automated Installation

I have been looking at Derived Manifest recently so that I can have one manifest to control the installation of Oracle Solaris 11.2 FCS on our dual boot desktops.

Ref:

Tuesday, November 25, 2014

PXE booting for Oracle Solaris using Windows DHCP server

A quick blog entry about getting Solaris PXE boot working with Microsoft Windows DHCP server. I was always told it was easy but I never managed to get it to working even though a lot of people I talked to had it working.

The problem was that our network was not correctly configured for PXEbooting. Problem was our network need PortFast enable (Good Ref: Spanning Tree Protocol (STP) and PortFast).

With that enabled it was a matter of just setting the right parameters in the Scope Options of the DHCP server. (Good ref: PXE booting with WDS – DHCP Scope vs IP Helpers)

Option 060: Client identifier. Set to PXEClient 
Option 066: Boot Server Host Name: Solaris_auto_installer
Option 067: Bootfile Name: 0143162EC46C31.bios 
Option 043: Vendor Specific Info: 01 04 00 00 00 00 FF (Ref: Differential Analysis - WDS & DHCP Separation

With the above set your x86 systems will be able to find the AI Server.

Monday, September 01, 2014

Goodbye UW IMAP! Hello Dovecot! Oracle Solaris 11 setup guide for Dovecot

After many years of being faithful to UW IMAP it was time to move on. The move was required since UW IMAP was no longer being supported and I was having problems using it with latest version of Horde Webmail, so I decided to install Dovecot on our Oracle Solaris 11 systems.

I was surprised how easy the installation went to get Dovecot working on Solaris 11, which was pleasing.

References:
  • Welcome to the Dovecot Wiki
    • http://wiki2.dovecot.org/
  • IMAP server with dovecot
    • http://karellen.blogspot.co.uk/2011/12/imap-server-with-dovecot.html
  • Solaris 10 に Dovecot 2.1 をインストールする方法
    • http://blog.torigoya.net/2012/07/01/solaris10-dovecot

Thursday, July 31, 2014

Install Firefox 30 (latest version) onto Oracle Solaris 11

As you know Oracle Solaris 11 (11.1, 11.2) comes with Firefox 17 ESR and Mozilla 17 ESR, which is very good news. I have had no problems with this version until now when I upgrade our Oracle Database 12c to 12.1.0.2 and found out that I could no longer access the Enterprise Manager Database Express via the browser since you require Firefox 24+.

Thankfully someone has compiled there our later version and placed them in mozilla contrib locations http://download.cdn.mozilla.net/pub/mozilla.org/firefox/releases.

Thursday, May 29, 2014

Setting up SSL for Solaris 11 LDAP (ldapclient to use LDAPS)

Following on from my last blog about "Setting up SSL for Solaris 11 LDAP client (changing AD password from Solaris)" I thought I would finish it off by changing my name service from LDAP to LDAPS. Hopefully your system is already talking to Active Directory over LDAP for all your authentication ("Solaris 11 Authentication Login with Active Directory").

Step 1: Setting up SSL for Solaris 11 LDAP client (changing AD password from Solaris)


Friday, May 16, 2014

Setting up SSL for Solaris 11 LDAP client (changing AD password from Solaris)

I have been using LDAP for years for our authentication and using LDAP Active Directory for about 3 years, but this was always using ldap so I thought I would start looking at SSL.

This blog entry will look at the initial setup and how you can talk to the AD server over SSL. The information here is nothing new and is all covered in the references but hope this shorter version helps.

References: