LDAP-UX Client Services B.04.00 with Microsoft Windows 2000/2003 Active Directory Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

161

162

163

164

165

166

167

168

169

170

LDAP-UX Client Services Object Classes

Proﬁle Attributes

Appendix B150

Proﬁle Attributes

The attributes of PosixDUAProfile and PosixNamingProfile are

deﬁned as follows:

cn is the common name of the proﬁle entry.

attributeMap is a mapping from RFC 2307 attributes to alternate

attributes. Use this if your entries do not conform to

RFC 2307. Each entry consists of:

Service

Attribute

Altattribute

where

Service

one of the supported services: passwd, group, shadow,

or PAM.

Attribute

is an attribute of the service as

deﬁned by RFC 2307.

Altattribute

is the attribute

that should be used instead of the standard attribute.

For example, pam:userPassword=ntUserPassword

maps the userPassword attribute to ntUserPassword

for the PAM service.

passwd:uidnumber=employeeNumber maps the

uidnumber attribute to employeeNumber for the

passwd service.

NOTE The userPassword attribute is mapped to *NULL* to

prevent passwords from being returned for increased

security and to prevent PAM_UNIX from

authenticating users in the LDAP directory. Mapping

to *NULL* or any other nonexistent attribute means

do not return anything.

authenticationMethod is how the client binds to the directory. The

value can be

simple

indicating bind using a user name

and password. If this attribute has no value,

simple

the default.

bindTimeLimit is how long, in seconds, the client should wait to bind

before aborting. 0 (zero) means no time limit. If this

attribute has no value, the default is no time limit.