Solaris Management Console
Names (files, users, daemons) are usually in bold:
System dependent or variable items are usually in italics:
File entries and output are in mono-spaced type:
> root 8036 c Tue Apr 26 23:59:00 2005
< root 8036 c Tue Apr 26 23:59:59 2005
marks a line wrapped to fit on the slide:
marks a horizontal tab (09 hex)
Reference OE for programs and documentation is
“The Solaris Management Console is a
graphical user interface that provides access to
Solaris system administration tools.”
Replaces both AdminSuite and Admintool.
The Solaris Management Console (abbreviated
as SMC from here forward) first appeared in
SMC continues at least through Solaris 10.
Admintool and Java Web Console
Solaris 9 includes
admintool, but it
opens with this
is not in Solaris 10.
Java Web Console
was introduced in
Solaris 10 as a future
replacement for SMC,
but currently it has
SMC Advantages Over admintool
Replaces the root-privileges of admintool
with more flexible role-based access
control (RBAC) if desired.
Based on a toolbox concept; different
collections of tools and folders can be
grouped for user‟s role or experience.
Can be extended with JavaBeans, legacy
apps, commands, etc.
Has context-sensitive help.
Role-Based Access Control (RBAC)
Replaces the all-or-
model with least-
allows separation of
A role account is created with specific rights that
are granted to a set of users.
See System Administration Guide: Security
Services (817-0365) Chapters 5-7.
Solaris Management Tools History
Solaris Solaris Solaris Solaris Solaris
2.6 7 8 9 10
admintool Yes Yes Yes Yes No
SMC 1.0 Yes Yes Yes No No
SMC 2.0 No No Yes (1/01) No No
SMC 2.1 No No No Yes Yes
Web Console No No No No Yes
See System Administration Guide: Basic Administration (817-3814)
Chapter 1 Solaris Management Tools (Roadmap) for a matrix of Solaris
management tools support.
Solaris Management Console 2. 1 Packages
SUNWmccom Common Components
SUNWmcc Client Components
SUNWmc Server Components
SUNWwbmc WBEM Components
SUNWmcdev Development Kit
Solaris Management 2.1 Packages
SUNWmgapp WBEM Management Applications
SUNWmga Solaris Management Applications
SUNWdclnt Solaris Diskless Client
SUNWpmgr Solaris Patch Management
SUNWrmui Resource Management User
Solaris Volume Management Packages
SUNWlvmr SVM (root)
SUNWlvma SVM APIs
SUNWlvmg SVM Application
Because Solstice DiskSuite has been incorporated in
Solaris 9 as the Solaris Volume Manager, the DiskSuite
Tool (metatool) has been removed and SMC is now the
graphical interface for Solaris Volume Management.
There is no Sun manual that covers only SMC.
The System Administration Guide: Basic
Administration (817-3814) introduces SMC in
Chapter 2 Working With the Solaris
Management Console (Tasks)
Other references are scattered in the various
System Administration Guides.
BigAdmin has SMC 2.0 Frequently Asked
Questions which also has 2.1 tips at
SunSolve has a Solaris Management Console
Support Document (70475).
Solaris Management Console Tools
Solaris Management Console Tools by
Janice Winsor (Sun Microsystems Press,
2002) covers SMC 2.0 and is out of print.
Three sample chapters are online:
Networked System Administration Tools from
SMC Toolbox Editor: Creating and Editing the
Using SMC Tools
Online help is
currently selected tool
will determine the
A simple non-boolean
search is available.
Help can be printed.
SMC Server: provides tools for console
and services such as authentication,
authorization, logging, messaging, etc.
SMC Toolbox Editor: used to modify or
SMC client (the „Console‟): interface that
contains the GUI tools used to perform
SMC Server Components
The SMC server is a Java-based daemon.
Although it is a single process, it is a server for
both the Solaris Management Console and
Solaris Web-Based Enterprise Management
If server crashes or console never loads, stop
and restart the server using the init.wbem
command (next slide).
Running the SMC Server
The script /etc/init.d/init.wbem is used to start
smcboot, a small proxy server (see Initial
Server Configuration slide).
In addition to the usual start and stop
arguments, init.wbem also takes a status
# /etc/init.d/init.wbem status
Solaris Management Console server
version 2.1.0 running on port 898.
For startup, init.wbem is linked to
/etc/rc2.d/S90wbem and the shutdown scripts
are /etc/rc0.d/K36wbem, /etc/rc1.d/K36wbem,
Running the Console Locally
from the CDE Tools
Menu (see right)
Or double-click the
SMC icon in CDE
or File Manager
Starting the Console Locally by Command Line
Must be in an X11 terminal window, i.e.,
Use the following command:
The command line is also used when
using a PC X server to remotely run SMC.
Running SMC in Web Browser
Despite what some
of the documentation
implies, SMC cannot
be run in a web
Java Web Console
(Solaris 10) can.
Options for Running SMC Remotely
Use a Unix box with
SSH and Xwindows
Run Xwindows on a
Run Solaris or other
Unix in a PC virtual
machine such as
Remote X Server to Run on PC
product or download
Cygwin provides both
X11 and OpenSSH
for running SMC.
Install OpenSSH and X11from Cygwin
SSH X11 Tunneling
The Secure Shell (SSH) can be used to
encrypt X11 traffic by forwarding through
an SSH tunnel.
Neither Xhosts nor Xauth are necessary
when using SSH to tunnel.
X11 Forwarding Configuration
/etc/ssh/sshd_config must be modified to
allow X11 forwarding by the ssh server.
Find Line with X11 tunneling options:
# X11 tunneling options
# X11Forwarding no
Change to allow forwarding:
Getting sshd to reread sshd_config
Send a SIGHUP signal to the sshd daemon to reread
the configuration file.
There may be multiple instances of sshd running if using
ps -ef | grep sshd
root 304 702 0 19:36:22 ? 0:00 /usr/lib/ssh/sshd
root 702 1 0 Oct 05 ? 0:00 /usr/lib/ssh/sshd
cfhauser 308 304 0 19:36:30 ? 0:00 /usr/lib/ssh/sshd
cfhauser 178 175 0 19:25:32 ? 0:01 /usr/lib/ssh/sshd
root 175 702 0 19:25:25 ? 0:00 /usr/lib/ssh/sshd
Signal process 702 (whose parent is process 1):
kill -1 702
SSH X11 Tunneling Example
Possible Missing Font Message
This message may appear when using a remote
X server on a PC to run SMC:
Warning: Cannot convert string
*-140-*-*-p-*-iso8859-1" to type
The Java Virtual Machine running SMC on the
server is requesting a font that is not in the font
set of the remote X server.
This message may be safely ignored, but it can
be fixed by aliasing the font (see following).
Removing Font Error Message in Cygwin
Add the following as one complete line:
In an xterm window, force X server to re-read
fonts: xset fp rehash
Removing Font Error Message in X-Win32
Open the X-Util32 configuration utility.
Select Fonts Alias
Double-click 75dpi; double-click fonts.alias to
open Font Alias dialog box.
Enter in the Alias from field:
Enter in the Alias to field:
Running su When Tunnelling
Although a normal user can start SMC, usually want to run as
root (if not using RBAC) to avoid problems with loading some
When using su to switch to root, do not use the „–’ option,
otherwise the DISPLAY variable defining the local display will be
Initial Server Configuration
The smcboot native program waits for a
connection from a console program on port 898.
When a connection is received for the first time,
the real java-based server is called and displays
the above while the server initializes.
The default console
consists of three main
panes: Navigation, View,
There is a menu bar, tool
bar, status bar, and if
enabled, a location bar.
Context Help and
Console Event tabs are at
Choose Console Preferences to change:
Console (toolbox used)
Acts similar to a frame in
a web page.
Clicking on in item in this
pane will display this item
in the View pane.
Double-click on an item
or click on the turner icon
( ) to expand tree.
View and Information Panes
View Pane – shows information related to selected
node in navigation pane.
Information Pane – on bottom; either displays context-
sensitive help or console events depending on
The default toolbox
contains tools for:
Even when running as root, selecting a tool will require
logging in as root. If using RBAC, login as a role name
System Status – System Information
System Status – Log Viewer
The log view defaults
to events logged by the
WBEM logging service
Syslog files may be
chosen by selecting
drop down box labeled
Log File, but view must
be manually refreshed.
Note: the OpenWindows xconsole program provides a continually updated
display of console messages in an Xwindow; it should be run as root:
/bin/su root –c “/usr/openwin/bin/xconsole –daemon –verbose”
System Status – Performance
Displays performance data
based on projects, user, or
Basically useless in System
mode: the display blanks while
system gathers new data,
information appears briefly,
then blanks for next cycle.
Project and User screens are
Before running: be sure to
General from default 30
seconds to longer time period
to have a chance of seeing
System Status – Processes
Use View Filter to
search for an individual
Right-click on an
individual process to see
suspend a process,
resume a suspended
process, or kill („delete‟) a
System Configuration – User Accounts
Allows viewing or
modification of individual
Probably best method for
working with RBAC.
Multiple users can be
added in a batch
operation (see Adding
User Properties (1)
User Properties (2)
User Properties – Home Directory
change the entry in
the user and
rename the old
home directory to
the new name.
Users – Adding Multiple Users
An SMC wizard can be used to add multiple users by
User types each name
Generate automatic prefix followed by numeric sequence
Use text file in a format similar to /etc/passwd; minimum should
have: newdudeid:New Dude
Other batch operations on users (add, delete, modify)
can be performed at the command line using the
Users – User Templates
are a named
that can be
used as the
starting point for
Users – Rights
Actually RBAC Rights
Profiles, a collection of
or other rights.
Rights could be directly
assigned to a user, but
better to assign to a role,
then assign the role to
The next slide shows a
rights profile for User
Right Properties for User Security
Users – Administrative Roles
No roles are predefined.
Sun suggests creating Primary Administrator, System
Administrator, and Operator rights profiles.
This example adds a password.operator role for handling
user password requests.
Adding an Administrative Role (2)
A password is
required, to be used
when a user switches
to the role.
The predefined User
Security right is
added; note the
Adding an Administrative Role (3)
Roles are structured
similarly as users,
including a home
After a role is defined,
add regular users to
Adding an Administrative Role (4)
The final review
creating the role.
The finished role on
User Groups and Mailing Lists
Note that users can be
pasted into a selected
Mailing Lists provides
an convenient front-
end for the sendmail
System Configuration – Projects
Manages the Solaris project database.
A project is a way of identifying related work by users in
The right screen shows Performance grouped by
System Configuration – Computers and Networks
For working with
ethers, hosts, and
System Configuration – Patches
Patch Tool Configuration
Analyze and Add Patches, and Download Patches tools will fail if not
configured; even then the smpatch command is often more successful.
Cannot be configured in SMC, must use smpatch command as root:
smpatch set patchpro.sun.user=yourSunsolveId
smpatch set patchpro.sun.passwd=yourSunsolvePassword
To see settings:
# smpatch get
patchpro.backout.directory - "“
patchpro.patchset - patchdb
patchpro.proxy.host - "“
patchpro.proxy.passwd **** ****
patchpro.proxy.port - 8080
patchpro.proxy.user - "“
patchpro.sun.passwd **** ****
patchpro.sun.user yourid@youridemail ""
Services – Scheduled Jobs
Provides a human-friendly front-end to cron,
instead of editing by hand with crontab –e
Command-line equivalent is smcron
Add Scheduled Job Wizard
Mounts and Shares – Creates and manages mounts
Disks – Display disk properties and create partitions
Enhanced Storage – Solaris Volume Manager; create
and manage volumes, soft partitions, hot spare pools,
disk sets, and state database replicas.
Storage Tool Mounts and Shares – Mounts
Mounts and Shares – Mount Properties
Mounts and Shares – Usage
Storage – Disks
Storage – Disk Properties and Partitions
Storage – Partitioning a Disk
Enhanced Storage – Volume Properties (1)
Enhanced Storage – Volume Properties (2)
Enhance Storage – State Database Replicas
Currently the Devices tool only works with serial
ports and modems.
SMC Command-line Tools
smc Starts the Solaris Management Console
smcron Manages crontab jobs
smdiskless Manages diskless client support
smexec Manages entries in the exec_attr database
smgroup Manages group entries
smlog Manages and views WBEM log files
smmultiuser Manages bulk operations on multiple user accounts
smosservice Adds OS services and diskless client support
smpatch Manage patches
smprofile Manages profiles in the prof_attr and exec_attr databases
smrole Manages roles and users in role accounts
smserialport Manages serial ports
smuser Manages user entries
RBAC Command-line Tools
auths Print authorizations granted to a user
profiles Displays execution profiles for a user
roleadd Administer a new role account on the system
roles Print roles granted to a user