LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

171

172

173

174

175

176

177

178

179

180

ipHostNumber: 16.92.96.116

dn: cn=baker,ou=Hosts,dc=mydomain,dc=example,dc=com

cn: baker

ipHostNumber: 16.89.146.146

CAUTION: If you used guided installation to configure LDAP-UX on a host, removing that

host entry also removes the proxy user defined for that host. Removing the host’s proxy user

entry disables the ability of the OS to use LDAP as an OS management repository. When you

use guided installation to create a directory server, that directory server will require authenticated

access to itself before returning any data. The host’s proxy user entry is used to define a way for

the host’s OS to authenticate to the directory server. Removing the proxy user (host entry)

terminates ldapclientd's ability to bind to the directory server. For example, if we remove the

proxy user entry for the current host, the following error occurs:

# ldaphostmgr -d "$(hostname)"

bind-dn [uid=domadmin,ou=People,dc=mydomain,dc=eample,dc=com]:

Password:

# ldaphostlist

ERROR: BIND_ERR:

Failed to bind to the directory server.

You can restore the host’s proxy entry and restore the proxy credential file as follows. You will

need to define a new password in order to re-recreate the proxy credentials:

# ldaphostmgr -a -P -f -k all -S "$(hostname)"

bind-dn [uid=domadmin,ou=People,dc=mydomain,dc=eample,dc=com]:

Password:

Host password:

Re-enter host password:

added DN: cn=brewer,ou=Hosts,dc=mydomain,dc=eample,dc=com

# su

Password:

# /opt/ldapux/config/ldap_proxy_config -i << EOD

> cn=brewer,ou=Hosts,dc=mydomain,dc=eample,dc=com

> [Host Password From Above]

> EOD

5.6.4 Managing IP addresses

Use the -i option to add or remove IP addresses to or from host entries. Without flags, the -i

option adds an additional IP address to a host entry. If you have a host with multiple IP interfaces,

you can use -i to add any additional IP addresses that have not yet been registered. For example:

# ldaphostlist -n brewer

dn: cn=brewer,ou=Hosts,dc=mydomain,dc=example,dc=com

cn: brewer

ipHostNumber: 16.92.96.113

# ldaphostmgr -i 192.168.10.10 brewer

bind-dn [uid=domadmin,ou=People,dc=mydomain,dc=example,dc=com]:

Password:

# ldaphostlist -n brewer

dn: cn=brewer,ou=Hosts,dc=mydomain,dc=example,dc=com

cn: brewer

5.6 Managing hosts in an LDAP-UX domain 177