Introduction to the Solaris Management Console

The Solaris Management Console (SMC) uses GUI tools to make your servers easier to administer. The Solaris Management Console 2.1 software simplifies the task of administering both local and remote Solaris servers by providing the following:

  • An easy-to-navigate, GUI-based console and a context-sensitive help panel that integrates online documentation

  • Administration of multiple Solaris systems by a single console and a single login

  • Role-based access control that enables administrators to delegate specific administrative rights to users within a secure system

  • An open and extensible environment that integrates Java applications, X.11 legacy applications, wizards, and HTML through the Solaris Management Console 2.1 Software Development Kit (SDK)

The benefits of using the Solaris Management Console are as follows:

  • SMC supports all experience levels. Inexperienced users can complete tasks using the graphical interface, which includes dialog boxes, wizards, and context help. Experienced administrators will find that the console provides a convenient, secure alternative to using vi to manage configuration parameters on a large network of systems.

  • The network features of the SMC reduce the number of remote logins required to do administration, including rebooting systems and performing backups.

  • The SMC simplifies user administration by bringing all the administration tools together so that all SMC servers can be managed from a single location.

  • New applications can be added to the SMC server, and any authorized user can run that application from that server. In SMC, it’s possible to create special user accounts called roles that can be assigned to users, typically administrators who are permitted to make specific system changes. See Chapter 17, “Role-Based Access Control,” for more details.

  • SMC provides the user with a graphical representation of the administration components available as well as the level of authorization that is required to run them.

  • If preferred, more experienced administrators can operate the Solaris management tools through a command-line interface (CLI). SMC also can run in a terminal (nongraphical mode) for use over remote connections or noninteractively from a script.

SMC enables administrators to run applications remotely and to view the activity locally on all their servers. Central and remote management of all servers can be handled from any server on the network. S MC has three components:

  • The SMC client, called SMC or “the console”

  • The SMC server

  • The SMC Toolbox Editor

The SMC console is a window that contains three panes, four bars, and two tabs. On the left side of the window is a Navigation pane, the right side window is called the View pane, and the bottom window is the Information pane.

The SMC console relies on SMC servers running on one or more computers to perform modifications and report data. Each of these servers is a repository for code, which the console can retrieve after the server has authenticated the user of the console.

The SMC uses the concept of a toolbox to provide a view of various system administration tools or applications. The toolbox is a hierarchical collection of folders, tools, legacy applications, and links to other toolboxes. The SMC comes complete with a default toolbox, the “root” toolbox called “Management Tools,” which contains GUI tools to handle the tasks outlined in Table 18.1.

Table 18.1. SMC Management Tools
Tool Description
System Information Monitors and manages system information such as date, time, and time zone
Log Viewer Monitors and manages the Solaris Management Console tool’s log and system log
Processes Monitors and manages system processes
Performance Monitors system performance
Users Manages users, rights, roles, groups, and mailing lists
Projects Creates and manages entries in the /etc/project database
Computers and Networks Creates and monitors computer and network information
Patches Manages patches
Scheduled Jobs Creates and manages scheduled cron jobs
Mounts and Shares Mounts and shares file systems
Disks Creates and manages disk partitions
Enhanced Storage Creates and manages v olumes, hot spare pools, state database replicas, and disk sets
Serial Ports Sets up terminals and modems

Note

I demonstrate most of the SMC tools described in Table 18.1 in their respective chapters throughout this book.


The console can retrieve toolboxes from the server. These toolboxes are descriptions of organized collections of tools available on a server. After one of these toolboxes is loaded, the console displays it and the tools referenced in it.

The Solaris Management Console also can run in a terminal (nongraphical mode) for use over remote connections or noninteractively from a script.

Some Solaris commands are written specifically to mimic the Solaris Management Console tool functions (the commands for managing users, for example). These new commands are listed in Table 18.2 with a brief description of each command. There also is a man page for each command.

Table 18.2. SMC Commands
Commands Description
smc Starts the Solaris Management Console
smcron Manages crontab jobs
smdiskless Manages diskless client support
smexec Manages entries in the exec_attr database
smgroup Manages group entries
smlog Manages and views WBEM log files
smmultiuser Manages bulk operations on multiple user accounts
smosservice Adds OS services and diskless client support
smprofile Manages profiles in the prof_attr and exec_attr databases
smrole Manages roles and users in role accounts
smserialport Manages serial ports
smuser Manages user entries
auths Displays authorizations granted to a user
profiles Displays execution profiles for a user
roleadd Adds a new role to the system
roles Displays roles granted to a user
useradd Adds a user account
usermod Modifies a user account
userdel Deletes a user account
groupadd Adds a group account
groupmod Modifies a group account
groupdel Deletes a group account

Note

I demonstrate the commands described in Table 18.2 in their respective chapters throughout this book.


Using SMC

The Solaris Management Console is installed when you install the Solaris 9 operating environment, and it is started at bootup by the /etc/init.d/ init.wbem script. At any time, you can check the status of the SMC server by typing the following:

/etc/init.d/init.wbem status

If SMC is running, you get the following message:

Solaris Management Console server version 2.1.0 running on port 898.

Exercise 18.1 Using SMC

1.
Start the Solaris Management Console by typing the following:

/usr/sbin/smc &

On a bitmapped display, you see the SMC initializing, as shown in Figure 18.1.

Figure 18.1. The Solaris Management Console splash screen.


After it is initialized, the Solaris Management Console window appears, as shown in Figure 18.2. You can start SMC as a nonroot user, but some tools and applications might not load unless you log in as root or assume a role. (This is described later in this section.)

Figure 18.2. The SMC window.


Note

The first time yo u start SMC, it might take several minutes to start up.

2.
When you expand an item in the Navigation pane, details of that item are displayed in the right pane. For example, when I click This Computer (ultra5), the window panes change as shown in Figure 18.3.

Figure 18.3. The Navigation pane display.


Items displayed in the navigation pane are applications that the SMC can manage. These applications have been registered as SMC applications for the current host.

3.
The first time you log in as root and start up the SMC, you have the responsibility to set up at least one account with the right of Primary Administrator and to provide rights for other users. For instance, you can give another nonroot user privileges to manage user accounts on the system. To set up a Primary Administrator account, you must assign roles to user accounts. This is referred to as role-based access control and is described in Chapter 17. Roles are special accounts used to grant rights to administrators. To set up the Primary Administrator account, go to the navigation pane, click the System Configuration icon, and then click the Users icon.

The Login window will appear, as shown in Figure 18.4.

Figure 18.4. The Login window.


4.
Enter the root password in the Password field and click OK to continue. The Users tool will begin loading. The Users tool displays in the View pane of the SMC window, as shown in Figure 18.5.

Figure 18.5. The Users tool.


5.
Click the Administrative Role icon in the View pane. Then click the Action menu and select Add Administrative Role, as shown in Figure 18.6.

Figure 18.6. The Add Administrative Role option.


The Add Administrative Role wizard opens, as shown in Figure 18.7.

Figure 18.7. The Add Administrative Role wizard.


6.
Create the Primary Administrator role by using the Administrative Role wizard and following these steps.

In the following windows that appear, you’ll be asked to provide information regarding the role you are setting up. Each field and option is described in Table 18.3.

Table 18.3. The Add Administrative Role Fields and Options
Field Description
Role Name Selects the name an administrator uses to log in to a specific role. This name must be unique, contain 2–32 letters and numbers, begin with a letter, have at least one lower-case letter, and be unique within a domain.
Full Name Provides a full, descriptive name of this role (optional).
Description Further description of this role. Maximum number of characters is 256.
Role ID Number Selects the identification number assigned to this role. This is the same set of identifiers for UIDs. The identification number must be a whole number from 10 to 2147483647 and must be unique within a domain.
Role Shell Selects the shell that runs when a user logs in to a terminal or console window and assumes a role in that window.
Create a role mailing list Creates a mailing list with the same name as the role, if checked. You can use this list to send email to everyone assigned to the role.
Role Password and Confirm Password Sets and confirms the role Password.

7.
Fill in the appropriate fields as shown in Figure 18.8 and click the Next button to continue.

Figure 18.8. Entering a role name.


8.
A window will appear, asking you to set and confirm the role password. Click the Next button to continue. You’ll then need to assign rights to the role as shown in Figure 18.9.

Figure 18.9. Assigning role rights.


9.
Select the Primary Administrator right from the Available Rights column and add it to Granted Rights column, as shown in Figure 18.10. Click the Next button to continue.

Figure 18.10. Selecting role rights.


10.
Select the home directory for the role, as shown in Figure 18.11, and click the Next button to continue.

Figure 18.11. Selecting a home directory.


11.
Assign yourself to the list of users who can assume the role, as shown in Figure 18.12, and click the Next button to continue.

Figure 18.12. Assigning users to the role.


12.
A confirmation window will appear, displaying all of your selections. Click the Finish button to return to the Solaris Management Console window. The new role displays, as shown in Figure 18.13.

Figure 18.13. The new role displayed in the Solaris Management Console.


13.
At any time, you can click a role (such as “jradmin”), and the role properties for that particular role will display, as shown in Figure 18.14.

Figure 18.14. The Role Properties window.


14.
In this window, you can view the properties for the selected role. If you are the Primary Administrator, you can change the properties for a particular role.

15.
Now that a role has been defined and users have been associated with that role, those users can start up SMC, assume their role, and use the functions that have been assigned to that role. For example, when user bill starts up SMC, the SMC window displays, as shown in Figure 18.15.

Figure 18.15. The Solaris Management Console window.


16.
When the user clicks the This Computer icon in the navigation pane, the Users icon appears under System Configuration, as shown in Figure 18.16.

Figure 18.16. The Users icon in the Solaris Management Console window.


17.
When bill clicks the Users icon, the Log In window shown in Figure 18.17 opens, prompting for a password.

Figure 18.17. The SMC Log In window.


18.
bill enters his password and clicks the OK button.

19.
The Solaris Management Console window now displays icons for the functions to which you have been granted rights, as shown in Figure 18.18.

Figure 18.18. Icons representing user functions in the SMC window.


For a more in-depth description of role-based access control (RBAC), refer to Chapter 17.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset