Integrating HP-UX 11.x Account Management and Authentication with Microsoft Windows 2000
Administration
The administrative tasks for users and groups will become a lot easier for system administrators. On the other hand, the
integration will not cause any changes for end users.
System administrator
Although most user accounts and groups can be stored in AD, the HP-UX local /etc/passwd still has its value. It is
recommended that the superuser account (root) be configured in /etc/passwd, so that even if the network is down, root can
still log in to perform necessary recovery tasks. Some other special accounts should also reside in /etc/passwd, for example,
bin, adm, daemon, and others. They are specific to UNIX platforms.
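A check for the recommendation above, as an added example that is not part of the original paper: it confirms that root and the system accounts named in the text are defined in the local passwd file and that root has UID 0. The function name, the sample entries and the temporary file path are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that the recovery and system accounts are defined
# locally, so they still resolve when Active Directory is unreachable.

# check_local_accounts FILE [ACCOUNT...]
# Default account list is the one the text names: root bin adm daemon.
# Returns 0 if all are present and well formed, 1 on any finding,
# 2 if FILE cannot be read.
check_local_accounts() {
    passwd_file=$1
    shift
    [ $# -gt 0 ] || set -- root bin adm daemon
    [ -r "$passwd_file" ] || { echo "ERROR: cannot read $passwd_file" >&2; return 2; }

    awk -F: -v want="$*" '
        BEGIN { n = split(want, names, " ")
                for (i = 1; i <= n; i++) need[names[i]] = 1 }
        # Only the first entry for a name counts, as in a passwd lookup.
        ($1 in need) && !($1 in seen) {
            seen[$1] = 1
            if (NF != 7) {
                printf "MALFORMED: %s has %d fields, expected 7\n", $1, NF; bad = 1
            } else if ($1 == "root" && $3 != "0") {
                printf "WRONG UID: root has UID %s, expected 0\n", $3; bad = 1
            } else {
                printf "OK: %s uid=%s home=%s shell=%s\n", $1, $3, $6, $7
            }
        }
        END { for (i = 1; i <= n; i++)
                  if (!(names[i] in seen)) {
                      printf "MISSING: %s has no local entry\n", names[i]; bad = 1 }
              exit bad + 0 }
    ' "$passwd_file"
}

# Constructed sample input: adm was left out of the local file by mistake.
sample=${TMPDIR:-/tmp}/passwd.sample.$$
cat > "$sample" <<'EOF'
root:*:0:3::/:/sbin/sh
daemon:*:1:5::/:/sbin/sh
bin:*:2:2::/usr/bin:/sbin/sh
jdoe:*:1001:20:J. Doe:/home/jdoe:/usr/bin/sh
EOF
check_local_accounts "$sample" || echo "local account check reported findings"
rm -f "$sample"
```

On a live system the function would be pointed at /etc/passwd itself, for example after moving user accounts into Active Directory.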
Except for those few accounts to be kept in the local /etc/passwd file, with the integration, Active Directory can become a user
and group data repository for both Windows 2000 and HP-UX. The system administrator will mostly utilize the Windows
2000 management tool, Active Directory Users and Computers, to administer user accounts and group information, including
performing the following tasks:
Add and delete groups
If a group to be added is for HP-UX, or for both HP-UX and Windows 2000, you, as an administrator, need to set a group ID
for it after the group is created successfully, as follows:
• Click on the group you want to modify and choose “Properties” from the “Action” pane. A property screen with
several properties is displayed; choose “UNIX Attributes”.
• Choose a domain from the list for the “NIS Domain” field. If you did not create an NIS domain explicitly, SFU 2.0
creates a default one for you based on your domain root.
• Fill in the field “GID (Group ID)”.
You can apply the same procedure to an existing Windows 2000 group, if you want to use the group for HP-UX users.
If you want to add POSIX users to the group, you will have to use ADSI Editor and add the POSIX users’ msSFUName to the
group’s memberUid.
To delete a group, click on the group you want to delete from the list, then click on “Delete” from the “Action” pane.
Add and delete user accounts
If a user to be added is for HP-UX, or for both HP-UX and Windows 2000, you need to add some POSIX-account-specific
information after the account is created successfully:
• Click on the user you want to modify and choose “Properties” from the “Action” pane.
• A property screen with several properties is displayed; choose “UNIX Attributes”.
• Choose an NIS domain for the “NIS Domain” field.
• Fill in the fields “UID”, “Login Shell”, “Home Directory”, and “Primary group name/GID”. They correspond to the
fields in /etc/passwd.
The above procedure can also be applied to an existing Windows 2000 account that needs to be able to log in to HP-UX.
To delete the account, click on the user you want to delete from the user list, then click on “Delete” from the “Action” pane.