|
Decide what security features you want to use in your installation.
|
Review the security features and configurations to decide what level
of security you want to use in your WAN boot installation.
|
Protecting Data During a WAN Boot Installation
Security Configurations Supported by WAN Boot (Overview)
|
|
Collect WAN boot installation information.
|
Complete the worksheet to record all the information you need to perform
a WAN boot installation.
|
Gathering Information for WAN Boot Installations
|
|
Create the document root directory on the WAN boot server.
|
Create the document root directory and any subdirectories to serve the
configuration and installation files.
|
Creating the Document Root Directory
|
|
Create the WAN boot miniroot.
|
Use the setup_install_server command to create the
WAN boot miniroot.
|
SPARC: To Create a WAN Boot Miniroot
|
|
Verify that the client system supports WAN boot.
|
Check the client OBP for boot argument support of WAN boot.
|
To Check the Client OBP for WAN Boot Support
|
|
Install the wanboot program on the WAN boot server.
|
Copy the wanboot program to the document root directory
of the WAN boot server.
|
Installing the wanboot Program on the WAN Boot Server
|
|
Install the wanboot-cgi program on the WAN boot
server.
|
Copy the wanboot-cgi program to the WAN boot server's
CGI directory.
|
To Copy the wanboot-cgi Program to the WAN Boot Server
|
|
(Optional) Set up the logging server.
|
Configure a dedicated system for displaying boot and installation log
messages.
|
(Optional) To Configure the WAN Boot Logging Server
|
|
Set up the /etc/netboot hierarchy.
|
Populate the /etc/netboot hierarchy with the configuration
and security files that are required for a WAN boot installation.
|
Creating the /etc/netboot Hierarchy on the WAN Boot Server
|
|
Configure the web server to use secure HTTP for a more secure WAN boot
installation.
|
Identify the web server requirements that are necessary to perform a
WAN installation with HTTPS.
|
(Optional) Protecting Data by Using HTTPS
|
|
Format digital certificates for a more secure WAN boot installation.
|
Split PKCS#12 file into a private key and a certificate to use with
the WAN installation.
|
(Optional) To Use Digital Certificates for Server and Client Authentication
|
|
Create a hashing key and an encryption key for a more secure WAN boot
installation.
|
Use the wanbootutil keygen command to create HMAC
SHA1, 3DES, or AES keys.
|
(Optional) To Create a Hashing Key and an Encryption Key
|
|
Create the Solaris Flash archive.
|
Use the flar create command to create an archive
of the software that you want to install on the client.
|
To Create the Solaris Flash Archive
|
|
Create the installation files for the custom JumpStart installation.
|
Use a text editor to create the following files:
-
sysidcfg
-
profile
-
rules.ok
-
begin scripts
-
finish scripts
|
To Create the sysidcfg File
To Create the Profile
To Create the rules File
(Optional) Creating Begin and Finish Scripts
|
|
Create the system configuration file.
|
Set the configuration information in the system.conf file.
|
To Create the System Configuration File
|
|
Create the WAN boot configuration file.
|
Set the configuration information in the wanboot.conf file.
|
To Create the wanboot.conf File
|
|
(Optional) Configure the DHCP server to support a WAN boot installation.
|
Set Sun vendor options and macros in the DHCP server.
|
Preconfiguring System Configuration Information With the DHCP Service (Tasks)
|
Ladda ner denna bok i PDF (1643 KB)