Manualshelf

LDAP-UX Client Services B.04.10 Administrator's Guide (edition 7)

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
81828384858687888990
5 Administering LDAP-UX Client Services
This chapter describes how to keep your clients running smoothly and expand your computing
environment. It describes the following topics:
Using The LDAP-UX Client Daemon (page 87)
Integrating with Trusted Mode (page 95)
PAM_AUTHZ Login Authorization (page 98)
Adding a Directory Replica (page 116)
Displaying the Proxy User's DN (page 116)
Verifying the Proxy User (page 116)
Creating a New Proxy User (page 116)
Displaying the Current Profile (page 117)
Creating a New Profile (page 117)
Modifying a Profile (page 118)
Changing Which Profile a Client Is Using (page 118)
Changing from Anonymous Access to Proxy Access (page 118)
Changing from Proxy Access to Anonymous Access (page 118)
Performance Considerations (page 120)
Client Daemon Performance (page 120)
Troubleshooting (page 123)
Using The LDAP-UX Client Daemon
This section describes the following:
Overview of ldapclientd daemon operation.
Configurable parameters and syntax in the ldapclientd configuration file,
ldapclientd.conf.
Command line syntax and options for the ldapclientd command.
Overview
The LDAP-UX client daemon enables LDAP-UX clients t o work with LDAP directory servers.
It caches entries, supports multiple domains in the Windows 2000/2003 Active Directory Server
(ADS), supports X.500 group membership, automatically downloads the configuration profiles,
reuses connections to the LDAP Directory Server, and manages the remote LP printer
configuration.
The client daemon enables LDAP-UX to use multiple domains for directory servers like Active
Directory Server (ADS). The daemon also allows PAM Kerberos to authenticate posix users
stored in multiple domains.
Automatic Profile Downloading updates the LDAP client configuration profile by downloading
a newer copy from the directory server as the profileTTL (Time To Live) expires.
By default, the LDAP printer configurator is enabled, the client daemon, ldapclientd, automatically
searches printer objects configured in the LDAP server and executes lpshut, lpadmin and
lpsched commands to add, modify, and remove printers accordingly for the local system.
By default, ldapclientd starts at system boot time. The ldapclientd command can also be used
to launch the client daemon manually, or control it when the daemon is already running. Please
refer to the following section and the ldapclientd man page(s) for information about the
ldapclientd command and its parameters.
Using The LDAP-UX Client Daemon 87