Wajih Ahmed and Baban Kenkre, March 2008 (Updated May 2008)
This document describes how to configure a Solaris OS client to use Microsoft Windows Server 2003 R2 Enterprise Edition (Active Directory) for authentication and naming services. The Solaris client uses per-user authentication (also called self-credentials) for naming service lookups instead of a proxy account. This new functionality is available starting with the Solaris 10 08/07 OS.
This configuration uses a shell script called
adjoin.sh to automate the process of joining the Solaris client to the Active Directory domain and configures Kerberos on the client. This script is not supported by Sun and is not part of the Solaris distribution. (See the For More Information section for information about downloading the adjoin script.)
A new version of adjoin tool is available for the Solaris 10 5/08 release (see the For More Information section of the article). This version contains an updated
ksetpw source and binary which has been modified to run on the Solaris 10 5/08 OS. See the README file for more details. Note that the
ksetpw.c source file in this version can also be used on OpenSolaris systems.
THE SOLUTION DESCRIBED IN THIS PAPER SHOULD BE TREATED AS PROOF OF CONCEPT AND SHOULD NOT BE USED IN PRODUCTION.
For more details, see the list of contents below.
Download the document as PDF.
Here are additional resources:
Training courses available at http://www.sun.com/training/:
Open source resources:
Discussions, such as the Solaris Forums
Related web sites and articles:
Events of interest to users of Sun products:
Change Log: In May 2008, information was added for Solaris 5/08 release. Also, further details were provided regarding the adjoin script.
Unless otherwise licensed, code in all technical manuals herein (including articles, FAQs, samples) is provided under this License.
More Systems Downloads