Configuring Solaris to Authenticate against a Sun Java System Access Manager's Directory Server
By superpat on Jan 21, 2006
Solaris (and other \*nix operating systems) can authenticate users against an LDAP compliant directory server, such as Sun Java System Directory Server, for log in. Sun Java System Access Manager can also authenticate users against an LDAP directory server for web single sign-on, access control and federation. There is an issue in that, by default, Access Manager locks down its Directory Server instance, removing the capability to do anonymous LDAP search and read operations. Unfortunately, this removes the ability for Solaris to authenticate users.
Jeff Nester, a Senior Identity Management Specialist at inSolutions (Dig the retro iPlanet favicon at inSolutions.net, Jeff!) recently wrote a paper explaining how to configure Directory Server and Access Manager so that Solaris and AM authentication co-exist. This allows you to create a single directory entry that enables access to both Solaris and web applications protected by AM.
Useful stuff if you're trying to consolidate directories and keep passwords consistent across desktop login and web applications. Lots of other goodies at Jeff's site too - must try the tips for getting a video projector to work on a Toshiba Tecra M2 in Java Desktop System. If that works, I definitely owe you a beer, Jeff