Kerberos Server Version 3.1 Release Notes HP-UX 11i v2 Edition 1 Manufacturing Part Number: B8725-90078 E1204 U.S.A. © Copyright 2004 Hewlett-Packard Development Company L. P. All Rights Reserved.
Legal Notices The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Printed in the United States Confidential computer software. Valid license from HP required for possession, use or copying.
HP Kerberos Server v3.1 Release Notes 1 HP Kerberos Server v3.
HP Kerberos Server v3.1 Release Notes Announcement Announcement HP Kerberos Server v3.1, product number T1417AA is based on the client-server architecture. It ensures secure communication in a networked environment by leveraging individual trust relationships. It then brokers this trust across enterprise-wide distributed client-server networks. NOTE Kerberos Server Version 3.1 is an enhanced version of Kerberos Server Version 3.0.
What’s in This Version The following new features are included in Kerberos Server Version 3.1: • Kerberos Server Version 3.1 is now available on HP-UX 11iv2 September 2004 release (which is on both IPF and PA-RISC platforms).
HP Kerberos Server v3.1 Release Notes What’s in This Version NOTE If you have installed Kerberos Server Version 3.1 on your HP-UX 11i v2 IPF system, you do not need to install the current version (this release). • Support for storing Kerberos principal data in an LDAP Directory Server. Only supported with Netscape Directory server 6.0 (J4258CA), and later releases. • A context sensitive online help system is available with the Kerberos Server administrative tools kadminl_ui and kadmin_ui.
HP Kerberos Server v3.1 Release Notes Kerberos Server Version 3.1 Benefits and Features Kerberos Server Version 3.1 Benefits and Features The Kerberos Server is primarily a centralized network authentication system providing security solutions to geographically dispersed organizations. Listed below are some of the key features in Kerberos Server v3.1.
HP Kerberos Server v3.1 Release Notes Kerberos Server Version 3.1 Benefits and Features • High Availability This mechanism has been provided in this version of the Kerberos Server, by having the parent process always monitor the server daemon. If the server daemon dies or crashes, the parent process will automatically spawn a new server daemon.
HP Kerberos Server v3.1 Release Notes Kerberos Server Version 3.1 Benefits and Features By integrating the Kerberos principals with the corresponding users in the LDAP directory, you store data for mechanisms, such as UNIX and Kerberos in a common repository. Also, you can secure user credentials by mandating users to use LDAP credentials. Kerberos server v3.1 is compatible with Netscape Directory server version 6.0 (J4258CA) and later releases.
HP Kerberos Server v3.1 Release Notes Kerberos Server Version 3.1 Benefits and Features Local Administrator on the primary security server: /opt/krb5/admin/kadminl_ui Remote Administrator on secondary security servers and clients: /opt/krb5/bin/kadmin_ui NOTE You must add the first administrative principal using the Local Administrator, kadminl or kadminl_ui, located on the primary server before you can use the Remote Administrator, kadmin or kadmin_ui from a secondary server or client.
HP Kerberos Server v3.1 Release Notes Kerberos Server Version 3.1 Benefits and Features # kdb_dump -f /opt/krb5/dumpfilev3.1 Step 2. Use the krb_2_ldap utility to create the LDIF file. # krb_2_ldap -d -l Step 3. You must manually edit the LDIF file. Uncomment the first two lines of the LDIF file. Replace the DN name and the changetype, if necessary. Step 4.
HP Kerberos Server v3.1 Release Notes Known Problems and Workarounds Known Problems and Workarounds • Problem If the attribute, hpKrbPrincipal, is not indexed, the performance of the Kerberos server may degrade. Workaround Index the LDAP database with the Principal names. • Problem If the connection to the LDAP server is terminated the Kerberos server may fail to respond to client requests. Workaround Restart the Kerberos server.
HP Kerberos Server v3.1 Release Notes Compatibility Information and Installation Requirements Compatibility Information and Installation Requirements Installation Requirements Before you install the server, it is recommended that you: • Ensure that you have the HP-UX 11i v2 operating system installed on your system. You can check the version of the HP-UX operating system by using the uname -r command.
HP Kerberos Server v3.1 Release Notes Compatibility Information and Installation Requirements Hardware Requirements • HP Integrity workstations or servers Disk Space Required To Install This product requires 12 Mbytes of disk space. Install With System Up or Down Install this product with the system up. The system does not need to be rebooted after the product has been installed.
HP Kerberos Server v3.1 Release Notes Compatibility Information and Installation Requirements The swinstall utility loads the filesets. Estimated installation time is five minutes. If the installation is not successful, an error message is displayed. The cause of the failure will appear at the end of the /var/adm/sw/swagent.log file. NOTE Chapter 1 The Software Distributor is documented in Managing HP-UX Software with SD-UX.
HP Kerberos Server v3.1 Release Notes Software Availability in Native Languages Software Availability in Native Languages There is no information in non-English languages for this version of Kerberos server v3.1.
