LDAP-UX Client Services B.04.10 Administrator's Guide (edition 7)

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

131

132

133

134

135

136

137

138

139

140

The ldap_proxy_config Tool

This tool, found in /opt/ldapux/config, configures a proxy user or an Admin Proxy user for the

client accessing the directory. It stores the encrypted proxy user information in the

file/etc/opt/ldapux/pcred. The encrypted Admin Proxy user information is stored in the

file /etc/opt/ldapux/acred. If you are using only anonymous access, you do not need to

use this tool. You must run this tool logged in as root.

Syntax

ldap_proxy_config [options]

where optionscan be any of the following:

-A

Action applies to the Admin Proxy user. This option must be specified with other

option to apply the operation for the Admin Proxy user.

-e

erases the currently configured proxy user from the file

/etc/opt/ldapux/pcred. Has no effect on the proxy user information in the

directory itself.

-i uses the -i option to configure the proxy user interactively from stdin. Use -A

-ioptions to configure an Admin Proxy user.

If you use ldap_proxy_config -i to configure the proxy user using the simple

authentication, type the command with -i then press Return. Next type the proxy

user DN then press Return. Finally type the proxy user's credential or password

and press Return.

If you configure the proxy user using the SASL DIGEST-MD5 with DN

authentication (i.e. use the DN to generate the DIGEST-MD5 hash), type the

command with -i then press Return. Next type the proxy user DN then press

Return. Next type the proxy user's credential or password and press Return.

Finally press Return.

If you configure the proxy user using the SASL DIGEST-MD5 with UID

authentication (i.e. use the UID attribute to generate the DIGEST-MD5 hash),

type the command with -i then press Return. Next type the proxy user DN then

press Return. Next type the proxy user's credential or password and press Return.

Finally type the proxy user's UID and press Return.

When you use the ldap_proxy_config -A -i command to configure an

Admin Proxy user interactively from stdin, the configuration procedures are

similar to the procedures used by the ldap_proxy_config -i command for

a proxy user.

When configuring an Admin Proxy user, if you only enter the Admin Proxy user's

DN without password, the root's password will be used instead.

-f file configures the proxy user from file. filemust contain two lines: the first line

must be the proxy user DN, and the second line must be the proxy user credential

or password.

CAUTION: After using this option you should delete or protect the file as it

could be a security risk.

-d DN sets the proxy user distinguished name to be DN. To use this option, the

/etc/opt/ldapux/pcred file must exist.

-c passwd sets the proxy user credential or password to be passwd. To use this option, the

/etc/opt/ldapux/pcred file must exist.

-p

prints the distinguished name of the current proxy user.

-v

verifies the current proxy user and credential by connecting to the server.

132 Command and Tool Reference