HP-UX 11i Version 2 June 2007 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i v2 Foundation OE LTU

171

172

173

174

175

176

177

178

179

180

Internet and Networking

LDAP-UX Integration

Chapter 7

171

This release supports dynamic groups, where users are dynamically added to groups

based on the conditional settings. The conditions can be specified with an LDAP

search filter or an LDAP URL. When a user data matches with the conditions, it

belongs to the dynamic group.

• PAM_AUTHZ Enhancements are as follows:

— PAM_AUTHZ supports LDAP account and password security policy enforcement

without requiring LDAP-based authentication. This feature supports

applications, SSH (Secure Shell) or r-commands with rhost enabled where

authentication is performed by the command itself.

— PAM_AUTHZ provides dynamic variable support for the ldap_filter type of the

access rule in the /etc/opt/ldapux/pam_authz.policy file.

— This releases introduces a new PAM_AUTHZ access rule, unix_local_user.

• TLS Support

This release supports a new extension operation of TLS (Transport Level Security)

protocol called startTLS to secure communication between LDAP clients and the

LDAP directory server. You can utilize the StartTLS operation to set the secure

connection over a regular (an un-encrypted) LDAP port, such as port 389.

• Schema Extension Utility

This release provides a new schema extension utility, ldapschema. This utility

allows schema developers to define LDAP schemas using a universal XML syntax,

greatly simplifying the ability to support different directory server variations.

• Support for Microsoft Windows 2003 Release 2 Active Directory Server

Windows 2003 R2 ADS provides the R2's RFC2307 schema which is compliant with

the IETF RFC2307 standard.

Impact

LDAP-UX Integration B.04.10 provides new features and defect fixes.

Compatibility

There are no known compatibility issues.

Performance

There are no known performance issues.

Documentation

Refer to the following documentation available at http://docs.hp.com/en/internet.html

• LDAP-UX Client Services B.04.10 Administrator's Guide

• LDAP-UX Client Services B.04.10 with Microsoft Windows Active Directory Server

Administrator's Guide

• LDAP-UX Integration B.04.10 Release Notes