Manualshelf

LDAP-UX Client Services B.04.15 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
41424344454647484950
can find the profile DN from PROFILE_ENTRY_DN in /etc/opt/ldapux/
ldapux_client.conf after you finish running the setup program. The following example
edits the profile entry "cn=ldapuxprofile,dc=org,dc=hp,dc=com":
For example:
cd /opt/ldapux/bin
./ldapentry -m "cn=ldapuxprofile,dc=org,dc=hp,dc=com"
After you enter the prompts for "Directory login:" and "password:", ldapentry will bring
up an editor window with the profile entry. You can add the
serviceAuthenticationMethod attribute.
The value of the serviceAuthenticatioMethod entry depends on the authentication
method you configure. The following shows the possible values of the
serviceAuthenticationMethod attribute:
For SASL DIGEST-MD5 using the Distinguish Name (DN) to generate the DIGEST-MD5
hash, the data in the entry is:
serviceAuthenticationMethod:keyserv:sasl/digest-md5:username=dn
For SASL DIGEST-MD5 using the UID attribute to generate the DIGEST-MD5 hash, the
data in the entry is:
serviceAuthenticationMethod:keyserv:sasl/digest-md5
For SASL DIGEST-MD5 with SSL enabled using the DN to generate the DIGEST-MD5
hash, the data in the entry is:
serviceAuthenticationMethod:keyserv:tls:sasl/digest-md5:username=dn
For SASL DIGEST-MD with SSL enabled using the UID attribute to generate the
DIGEST-MD5 hash, the data in the entry is:
serviceAuthenticationMethod:keyserv:tls:sasl/digest-md5
For simple authentication, the data in the entry is:
serviceAuthenticationMethod:keyserv:simple
For simple with SSL enabled, the data in the entry is:
serviceAuthenticationMethod:keyserv:tls:simple
For more information on ldapentry, refer to Command and Tool Reference (page 137).
NOTE: If you use TLS for secure communication between LDAP clients and the
Netscape/Red Hat Directory Server, you need to use Directory Server Console to manually
add the values of the serviceAuthenticationMethod attribute.
3. Go to /opt/ldapux/config:
cd /opt/ldapux/config
4. Use /opt/ldapux/config/get_profile_entry to download the modified LDIF profile:
./get_profile_entry -s nss
5. Run the /opt/ldapux/config/display_profile_cache tool to check the configuration
of the serviceAuthenticationMethod attribute:
./display_profile_cache
For example:
If the serviceAuthenticationMethod:keyserv:sasl/digest-md5 entry is added
to the profile entry in the LDAP directory, you can see the following information when you
run the display_profile_cache tool:
50 Installing And Configuring LDAP-UX Client Services