LDAP-UX Client Services B.04.00 with Microsoft Windows 2000/2003 Active Directory Administrator's Guide
Installing LDAP-UX Client Services
Configuring Active Directory for HP-UX Integration
Chapter 226
IMPORTANT When installing SFU version 2.0, ensure that you choose Customized
Installation at the Installation Options screen. This allows you to
select the Server for NIS component for installation.
When installing SFU version 3.0 or 3.5, the Server for NIS will be
installed by default.
For corresponding Windows objects that exist in Active Directory (such
as password and group), Server for NIS adds POSIX attributes to the
same object creating a unique object representing both POSIX and
Windows identities.
For example, information needed for a UNIX user is stored in Active
Directory as part of the Active Directory Domain Users group. To allow
storing POSIX attributes, Server for NIS extends the Users group with
msSFUPosixAccount as its auxiliary class (SFU version 2.0). This allows
POSIX attributes to be added to newly created objects of the User class.
NOTE Version of SFU above 2.0 include the version string in these attribute
names (i.e. msSFU30IpService).
More information on SFU can be found on the Microsoft web site at
http://www.microsoft.com/windows2000/sfu/.
Step 3: Create a Proxy User
The use of a proxy user is mandatory for Active Directory, as anonymous
binding done not grant enough access rights to retrieve user, group, or
any other name service data.
Use the Windows 2000 management tool, Active Directory Users
and Computers, to add a proxy user as a member of the "Domain Users"
group. The proxy user is used by the LDAP-UX clients to bind to the ADS
for access to the name service data on the ADS. For example, you might
add a user:
CN=Proxy User, CN=Users, DC=cup, DC=hp, DC=com