Chapter 2. Working With the Solaris Management Console (Tasks)

Table of Contents

Solaris Management Console (Overview)
What Is the Solaris Management Console?
Solaris Management Console Tools
Why Use the Solaris Management Console?
Organization of the Solaris Management Console
Changing the Solaris Management Console Window
Solaris Management Console Documentation
How Much Role-Based Access Control?
Becoming Superuser (root) or Assuming a Role
Using the Solaris Management Tools With RBAC (Task Map)
If You Are the First to Log in to the Console
Creating the Primary Administrator Role
Starting the Solaris Management Console
Using the Solaris Management Tools in a Name Service Environment (Task Map)
RBAC Security Files
Prerequisites for Using the Solaris Management Console in a Name Service Environment
Management Scope
/etc/nsswitch.conf File
Adding Tools to the Solaris Management Console
Troubleshooting the Solaris Management Console

Solaris Management Console (Overview)

The following sections provide information about the Solaris Manager Console.

What Is the Solaris Management Console?

The Solaris Management Console is a container for GUI-based management tools that are stored in collections referred to as toolboxes. The console includes a default toolbox with many basic management tools, including tools for managing the following:

  • Users

  • Projects

  • cron jobs for mounting and sharing file systems

  • cron jobs for managing disks and serial ports

For a brief description of each Solaris management tool, see Table 2–1.

You can add tools to the existing toolbox, or you can create new toolboxes.

The Solaris Management Console has three primary components:

  • The Solaris Management Console client

    Called the console, this component is the visible interface and contains the GUI tools used to perform management tasks.

  • The Solaris Management Console server

    This component is located either on the same machine as the console or remotely. This component provides all the back-end functionality that allows management through the console.

  • The Solaris Management Console toolbox editor

    This application, which looks similar to the console, is used to add or modify toolboxes, to add tools to a toolbox, or to extend the scope of a toolbox. For example, you could add a toolbox to manage a name service domain.

The default toolbox is visible when you start the console.

Solaris Management Console Tools

This table describes the tools included in the default Solaris Management Console toolbox. Cross-references to background information for each tool are provided.

Table 2.1. Solaris Management Console Tool Suite

Category

Tool

Description

For More Information

System Status

System Information

Monitors and manages system information such as date, time, and time zone

Chapter 12, Displaying and Changing System Information (Tasks), in System Administration Guide: Advanced Administration

Log Viewer

Monitors and manages the Solaris Management Console tools log and system logs

Chapter 21, Troubleshooting Software Problems (Overview), in System Administration Guide: Advanced Administration

Processes

Monitors and manages system processes

Processes and System Performance in System Administration Guide: Advanced Administration

Performance

Monitors system performance

Chapter 18, Managing System Performance (Overview), in System Administration Guide: Advanced Administration

System Configuration

Users

Manages users, rights, roles, groups, and mailing lists

What Are User Accounts and Groups? and Role-Based Access Control (Overview) in System Administration Guide: Security Services

Projects

Creates and manages entries in the /etc/project database

Chapter 2, Projects and Tasks (Overview), in System Administration Guide: Solaris Containers-Resource Management and Solaris Zones

Computers and Networks

Creates and monitors computer and network information

Solaris Management Console online help

Patches

Manages patches

Chapter 21, Managing Solaris Patches and Updates (Overview)

Services

Scheduled Jobs

Creates and manages scheduled cron jobs

Ways to Automatically Execute System Tasks in System Administration Guide: Advanced Administration

Storage

Mounts and Shares

Mounts and shares file systems

Chapter 19, Mounting and Unmounting File Systems (Tasks), in System Administration Guide: Devices and File Systems

Disks

Creates and manages disk partitions

Chapter 11, Managing Disks (Overview), in System Administration Guide: Devices and File Systems

Enhanced Storage

Creates and manages volumes, hot spare pools, state database replicas, and disk sets

Solaris Volume Manager Administration Guide

Devices and Hardware

Serial Ports

Sets up terminals and modems

Chapter 8, Managing Terminals and Modems (Overview), in System Administration Guide: Advanced Administration

Context–sensitive help is available after you start a tool. For broader, more in-depth online information than the context help provides, see the expanded help topics. You can access these help topics from the console Help menu.

Why Use the Solaris Management Console?

The console provides a set of tools with many benefits for administrators. The console does the following:

  • Supports all experience levels

    Inexperienced administrators can complete tasks by using the GUI, which includes dialog boxes, wizards, and context help. Experienced administrators find that the console provides a convenient, secure alternative to using vi to manage hundreds of configuration parameters spread across dozens or hundreds of systems.

  • Controls user access to the system

    Although any user can access the console by default, only superuser can make changes in the initial configuration. As described in Role-Based Access Control (Overview) in System Administration Guide: Security Services , it is possible to create special user accounts called roles can be created and assigned to users, typically administrators, who are permitted to make specific system changes.

    The key benefit of RBAC is that roles can be limited so that users have access to only those tasks that are necessary for doing their jobs. RBAC is not required for using the Solaris management tools. You can run all tools as superuser without making any changes.

  • Provides a command line interface

    If preferred, administrators can operate the Solaris management tools through a command-line interface (CLI). Some commands are written specifically to mimic the GUI tool functions, such as the commands for managing users. These new commands are listed in Table 1–7, which includes the names and brief descriptions of each command. There is also a man page for each command.

    For Solaris management tools that have no special commands, such as the Mounts and Shares tool, use the standard UNIX commands.

For in-depth information about how RBAC works, its benefits, and how to apply those benefits to your site, see Role-Based Access Control (Overview) in System Administration Guide: Security Services .

To learn more about using RBAC with the Solaris management tools, see Using the Solaris Management Tools With RBAC (Task Map).

Organization of the Solaris Management Console

In the following figure, the console is shown with the Users tool open.

Figure 2.1. Solaris Management Console – Users Tool

Solaris Management Console – Users Tool

The main part of the console consists of three panes:

  • Navigation pane (at the left) – For accessing tools (or sets of tools), folders, or other toolboxes. Icons in the navigation pane are called nodes and are expandable if they are folders or toolboxes.

  • View pane (at the right) – For viewing information related to the node selected in the navigation pane. The view pane shows either the contents of the selected folder, subordinate tools, or the data associated with the selected tool.

  • Information pane (at the bottom) – For displaying context-sensitive help or console events.

Changing the Solaris Management Console Window

The layout of the console window is highly configurable. You can use the following features to change the console window layout:

  • View menu – Use the Show option in the View menu to hide or display the optional bars and panes. The other options in the View menu control the display of nodes in the view pane.

  • Console menu – Use the Preferences option to set the following: the initial toolbox, the orientation of panes, clicking or double-clicking for selection, text or icons in the tool bar, fonts, default tool loading, authentication prompts, and advanced logins.

  • Context Help or Console Events toggles – Use the icons at the bottom of the information pane to toggle between the display of context-sensitive help and console events.

Solaris Management Console Documentation

The main source of documentation for using the console and its tools is the online help system. Two forms of online help are available: context-sensitive help and expanded help topics.

  • Context-sensitive help responds to your use of the console tools.

    Clicking the cursor on tabs, entry fields, radio buttons, and so forth, causes the appropriate help to appear in the Information pane. You can close, or reopen the Information pane by clicking the question mark button on dialog boxes and wizards.

  • Expanded help topics are available from the Help menu or by clicking cross reference links in some context-sensitive help.

    These topics appear in a separate viewer and contain more in-depth information than is provided by the context help. Topics include overviews of each tool, explanations of how each tool works, files used by a specific tool, and troubleshooting.

For a brief overview of each tool, refer to Table 2–1.

How Much Role-Based Access Control?

As described in Why Use the Solaris Management Console?, a major advantage of using the Solaris management tools is the ability to use Role-Based Access Control (RBAC). RBAC provides administrators with access to just the tools and commands they need to perform their jobs.

Depending on your security needs, you can use varying degrees of RBAC.

RBAC Approach

Description

For More Information

No RBAC

Allows you to perform all tasks as superuser. You can log in as yourself. When you select a Solaris management tool, you specify root as the user and the root password.

How to Become Superuser (root) or Assume a Role

root as a role

Eliminates anonymous root logins and prevents users from logging in as root. This approach requires users to log in as themselves before they assume the root role.

Note that you can apply this approach whether or not you are using other roles.

How to Plan Your RBAC Implementation in System Administration Guide: Security Services

Single role only

Uses the Primary Administrator role, which is roughly equivalent to having root access only.

Creating the Primary Administrator Role

Suggested roles

Uses three roles that are easily configured: Primary Administrator, System Administrator, and Operator. These roles are appropriate for organizations with administrators at different levels of responsibility whose job capabilities roughly fit the suggested roles.

Role-Based Access Control (Overview) in System Administration Guide: Security Services

Custom roles

You can add your own roles, depending on your organization's security needs.

Managing RBAC in System Administration Guide: Security Services and How to Plan Your RBAC Implementation in System Administration Guide: Security Services