LDAP-UX Client Services B.04.15 Administrator's Guide

serv-auth: keyserv:sasl/digest-md5

auth opts: username: uid realm:

For subsequent LDAP-UX client systems that share the same profile configuration, use the

following steps to download and activate the profile:

1. Login as root.

2. Go to /opt/ldapux/config:

cd /opt/ldapux/config

3. Use /opt/ldapux/config/get_profile_entry to download the modified LDIF profile:

./get_profile_entry -s nss

4. Run the /opt/ldapux/config/display_profile_cache tool to check the configuration

of the serviceAuthenticationMethod attribute:

./display_profile_cache

5. Restart the LDAP-UX Client daemon, ldapclientd, if you change the authentication

method from non-SSL to SSL. Otherwise, skip this step.

2.9.6 Configuring Name Service Switch

Configure the Name Service Switch (NSS) to enable the LDAP support for publickey.

You can save a copy of /etc/nsswitch.conf file and modify the original to add ldap support

to the publickey service. See /etc/nsswitch.ldap for a sample.

The following shows the sample file, /etc/nsswitch.ldap:

passwd:

files ldap group: files ldap hosts: dns files ldap networks:

files ldap protocols: files ldap rpc: files ldap publickey:

ldap [NOTFOUND=return] files netgroup: files ldap automount:

files ldap aliases: files services: files ldap

2.9 Configure LDAP-UX Client Services with Publickey Support 51