LDAP-UX Client Services B.04.00 Administrator's Guide
Installing And Configuring LDAP-UX Client Services
Configure LDAP-UX Client Services with Publickey Support
LDAP-UX Client Services B.04.00 or later supports discovery
and management of publickeys in an LDAP directory. Both the public and
secret keys used by the Secure RPC API can be stored in user and host
entries in an LDAP directory server, using the nisKeyObject
objectclass. Support for discovery of keys in an LDAP directory server is
provided through the getpublickey() and getsecretkey() APIs. You
can use the chkey and newkey commands to manage user and host keys in
an LDAP server. The chkey -s ldap command changes a user's
Secure RPC public key and secret key in an LDAP directory. The newkey
-u <username> -s ldap command adds new keys for users to
an LDAP directory, while the newkey -h <hostname> -s ldap command
creates new keys for machines in an LDAP directory.
For detailed information on the newkey and chkey commands, refer to
the newkey(1M), chkey(1), getpublickey(3N), getsecretkey() and
publickey(4) man pages.
HP-UX Enhanced Publickey-LDAP Software Requirement on HP-UX 11i v1 or v2
Support for publickey through LDAP requires a functionality
enhancement in LDAP-UX Client Services and an enhancement in the
ONC product. ONC with publickey LDAP support is available through
the HP-UX Enhanced Publickey-LDAP Software Pack (SPK) web
release.
To enable publickey LDAP support, you must install the Enhanced
Publickey-LDAP software bundle shown in Table 2-2 and LDAP-UX
Client Services B.04.00 or later on your client systems. The software
bundle contains all the required patches plus the enablement product for
this new feature. On HP-UX 11i v3, the software bundle is not required.
For detailed information, refer to the ONC with Publickey LDAP Support
Software Pack Release Notes at the following web site:
http://docs.hp.com/en/netcom.html