LDAP-UX Client Services B.04.00.02 Release Notes
LDAP-UX Client Services Release Notes
Limitations in LDAP-UX Client Services
Chapter 130
• User and Group Migration
sAMAccountName must be unique across the entire domain. This
attribute, used for pre-Windows 2000 clients, is set by the migration
scripts to the value of the common name (CN).
For example, if a new group in a different section of the dictionary is
created to contain all UNIX users and the common name (CN) of this
group is a duplicate of an existing name, the migration will fail
because the sAMAccountName attribute is not unique. You can work
around this limitation by modifying the LDIF file to use a unique
value for sAMAccountName.
• Support of Referrals with Active Directory
Referrals with Active Directory are currently not certified.
• Changing the Password for a Disabled User
When a user whose account is stored in ADS is disabled by setting
the disable_uid_range flag in the /etc/opt/ldapux_client.conf file
on an HP-UX client system, and PAM_Kerberos is used as the
authenticating method, the passwd command will allow you to
change the password for the disabled user, since LDAP does not
control this subsystem.