Manualshelf

LDAP-UX Client Services B.04.10 with Microsoft Windows Active Directory Server Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
51525354555657585960
the server. In the B.03.00 release, LDAP-UX can automatically download the profile if the following
two conditions are met:
If the first LDAP-UX creating the profile entry in the directory uses a standard profile path
(for example, CN=ldapuxprofile,CN=configuration,DC=ca,DC=hp,DC=com)
If LDAP-UX clients use the same DNS for ADS, which can support service location resource
records (SRV) described in RFC 2052
When an LDAP-UX client binds to ADS, if the profile does not exist locally, LDAP-UX queries
DNS for the server and port information, then connects to the server to download the profile
entry using the standard path. This feature eliminates administration costs to set up agreements
between domains. As long as the first LDAP-UX client creates the profile entry using the standard
path, the following LDAP-UX clients automatically download it.
NOTE: By default, the cn=configuration,DC=myorg,DC=mycom,DC=com configuration
container only exists in the root domain. To create the standard profile path for LDAP-UX,
manually create it in each domain using ADSI Edit before running the setup tool to configure
profiles.
Understanding the ldapux_client.conf Configuration File
When you set up LDAP-UX, the /etc/opt/ldapux_client.conf file is automatically created
to specify where the directory is located, the profile data path, and the logging configuration. In
previous releases, typically, this file has the following contents:
Service: NSS
LDAP_HOSTPORT="192.1.2.3:389"
PROFILE_ENTRY_DN="cn=caprofile,
CN=Configuration,DC=ab,DC=ny,DC=com"
PROGRAM="/opt/ldapux/config/create_profile_cache"
With ADS multiple domain support, this file has been modified to contain more information. A
new keyword, PROFILE_ID, has been introduced to specify the role of each configuration section.
PROFILE_ID has three possible values:
"local"—specifies the information for the local domain.
Service: NSS
PROFILE_ID="local"
LDAP_HOSTPORT="serverA.ca.com:389"
PROFILE_ENTRY_DN="cn=caprofile,CN=Configuration,DC=ca,DC=com"
PROGRAM="/opt/ldapux/config/create_profile_cache"
"la.ca.com"—specifies the information for the remote domain.
PROFILE_ID="la.ca.com"
LDAP_HOSTPORT="serverB.la.ca.com:389"
PROFILE_ENTRY_DN="cn=ldapuxprofile,cn=configuration,dc=la,dc=ca,dc=com"
PROGRAM="/opt/ldapux/config/create_profile_cache -i
/etc/opt/ldapux/domain_profiles/ldapux_profile.ldif.la.ca.com -o
/etc/opt/ldapux/domain_profiles/ldapux_profile.bin.la.ca.com"
"gc"—specifies the information for GCS.
PROFILE_ID="gc"
LDAP_HOSTPORT="serverA.ca.com:389"
Understanding the ldapux_client.conf Configuration File 59