LDAP-UX Client Services B.04.00 with Microsoft Windows 2000/2003 Active Directory Administrator's Guide
Installing LDAP-UX Client Services
Planning Your Installation
Chapter 2 15
The specific number of domain controllers necessary in your network
depends on the network size and configuration. A minimum of two
Active Directory domain controllers are recommended for each
domain. For more information, refer to the Active Directory
documentation, or to http://www.microsoft.com/Windows2000 and
http://windowsupdate.microsoft.com.
• Where will you get your name service data when migrating the data
to the directory?
You can get the data from:
— /etc/passwd and /etc/group
— The same source files used to create your NIS maps, if using NIS
— The NIS maps
For information about importing information into the directory, refer
to “Importing Name Service Data into Your Directory” on page 32.
For information on migration scripts, refer to “Command, Tool, and
Migration Script Reference” on page 153.
To add an individual user entry or modify an existing user entry in
your directory, use the ldapmodify command or other directory
administration tools, such as the Active Directory Users and
Computers interface tool.
NOTE Keep a small subset of users in /etc/passwd, particularly the root
login. This allows administrative users to log in during installation
and testing. Also, if the directory is unavailable you can still log in to
the system.
• Where will name service data be located in your directory?
LDAP-UX Client Services, by default, expect user and group data to
use the object classes and attributes specified by RFC 2307. The
migration scripts for Active Directory, by default, populate the
existing Users container. Figure 2-1 on page 17 shows a base DN of
DC=cup, DC=hp, DC=com.
If you prefer to merge your name service data into an existing
directory structure, you can map the standard RFC 2307 attributes
to alternate attributes. Refer to Appendix B, “LDAP-UX Client
Services Object Classes,” on page 147.