LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

181

182

183

184

185

186

187

188

189

190

cd /opt/ldapux/config

./display_profile_cache

You can also find out from where in the directory the client downloaded the profile by displaying

the file /etc/opt/ldapux/ldapux_client.conf and looking for the line beginning with

PROFILE_ENTRY_DN, for example:

grep ^PROFILE_ENTRY_DN /etc/opt/ldapux/ldapux_client.conf

PROFILE_ENTRY_DN="cn=profile1,ou=hpuxprofiles,o=hp.com"

5.11 Creating a new configuration profile

To create a new profile, run /opt/ldapux/config/setup. When setup asks you for the distinguished

name (DN) of the profile, give a DN that does not exist and setup will prompt you for the

parameters to build a new profile. The setup program also configures the local client to use the

new profile.

Alternatively, you could use your directory administration tools to make a copy of an existing

profile and modify it.

You can also use the interactive tool create_profile_entry to create a new profile as follows:

cd /opt/ldapux/config

./create_profile_entry

Once you create a new profile, configure client systems to use it as described in Section 5.13

(page 183).

5.12 Modifying a configuration profile

You can modify an existing profile directly using your directory administration tools, such as

the HPDS Directory Server Console. For a description of the DUAConfigProfile object class, its

attributes, and what values each attribute can have, see “LDAP-UX Client Services object classes”

(page 349).

The ldapentry tool can also be used to modify the existing profile. This can be done with the

following command:

DNPROFILE="/opt/ldapux/bin/ldapcfinfo -P | grep "^dn:" | cut -d" " -f

2-)"

$ /opt/ldapux/bin/ldapentry -m "$DN_of_profile"

$ cd /opt/ldapux/config

$ ./get_profile_entry -s nss

After modifying a profile, each client that regularly downloads its profile automatically will get

the changes as scheduled. See Section 2.5.8 (page 113) for details.

5.13 Specifying a different profile for client use

Each client uses the profile specified in its start-up file /etc/opt/ldapux/ldapux_client.conf. To

make a client use a different profile in the directory, edit this file and change the DN specified

in the PROFILE_ENTRY_DN line. Then download the profile as described in Section 2.5.8

(page 113).

5.14 Changing from anonymous access to proxy access

If you have anonymous access and you want to change to using a proxy user, do the following:

1. Create the proxy user in the directory. With HP-UX Directory Server, you can use the

Directory Server Console.

2. Change the credentialLevel attribute in your profile to be "proxy".

If you want proxy access with anonymous access as a backup if proxy access fails, change

credentialLevel to be "proxy anonymous".

5.11 Creating a new configuration profile 183