Manualshelf

LDAP-UX Client Services B.04.00 with Microsoft Windows 2000/2003 Active Directory Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
51525354555657585960
Installing LDAP-UX Client Services
Configuring LDAP-UX Client Services
Chapter 242
this are shown later in this step. Additional information can be found in
the Configuration Guide for Kerberos Products on HP-UX, available at
http://docs.hp.com/hpux/internet.
In order to support integration with Active Directory server, a specific
version of the PAM-Kerberos product is required. On HP-UX 11i v1,
version 1.11 of the PAM-Kerberos product is required. On HP-UX 11i v2,
version 1.23 of the PAM-Kerberos product is required.
If you wish to also use SASL/GSSAPI for proxied authentication, version
1.3.5.03 of the Kerberos Client product is required. Version 1.3.5.03 of
the Kerberos Client is a replacement for the KRB5-Client components of
the core HP-UX OS. This version is planned to be made available late
June, 2005. Please note that the KRB5CLIENT product is a superior
product to previous KRB5-Client patches (such as PHSS_33384).
Although patch PHSS_33384 is required, and designed to install over the
core Kerberos client patch, and it will not overwrite the KRB5CLIENT
product. For more information, refer to Kerberos Client Version 1.3.5.03
Release Notes available at http://docs.hp.com/hpux/internet.
Both "PAM Kerberos" (J5849AA) and "Kerberos Client" (KRB5CLIENT)
products can be downloaded from http://software.hp.com. They are
available at: http://
software.hp.com/portal/swdepot/displayProductInfo.do?productNumber
=J5849 AA and
http://software.hp.com/portal/swdepot/displayProductInfo.do?product
Number=KRB5CLIENT
Refer to the Configuration Guide for Kerberos Products in HP-UX
Release Notes, available at http://docs.hp.com/hpux/internet for any last
minute changes.
You also need to install the required patch. For patch infomation, refer to
LDAP-UX Client Services B.04.00 Release Notes available at
http://docs.hp.com/hpux/internet.
Step 3: Configure Your HP-UX Machine to
Authenticate Using PAM Kerberos
1. Create /etc/krb5.conf, the Kerberos configuration file which
specifies the default realm, the location of a Key Distribution Center
(KDC) server and the logging file names. The Kerberos client