Secure use of LDAP for Naming Services with Solaris

This paper will discuss some security considerations when using Lightweight Directory Access Protocol (LDAP) as a naming service for Solaris systems, that is, as a networked storage location for the information usually stored in local files, such as account and group information, automount maps etc. It will specifically discuss changes to the configuration of the Sun ONE Directory Server 5.2 product, and changes to the Solaris client configuration to help avoid some security vulnerabilities. Note that all examples use fake data.