LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

211

212

213

214

215

216

217

218

219

220

When you use the ldap_proxy_config -A -i command to configure an

Admin Proxy user interactively from stdin, the configuration procedures are

similar to the procedures used by the ldap_proxy_config -i command for

a proxy user.

When configuring an Admin Proxy user, if you only enter the Admin Proxy user's

DN without password, the root's password will be used instead.

-f file configures the proxy user from the specified file (file). The file specification

must contain two lines: the first line must be the proxy user DN, and the second

line must be the proxy user credential or password.

CAUTION: After using this option you should delete or protect the file as it

could be a security risk.

-d DN sets the proxy user distinguished name to be DN. To use this option, the

/etc/opt/ldapux/pcred file must exist.

-c passwd sets the proxy user credential or password to be passwd. To use this option, the

/etc/opt/ldapux/pcred file must exist.

-p

prints the distinguished name of the current proxy user.

-v

verifies the current proxy user and credential by connecting to the server.

-h

displays help on this command.

With no options, ldap_proxy_config configures the proxy user as specified in the file /etc/

opt/ldapux/pcred.

For the proxy user, if you switch the authentication method between simple and DIGEST-MD5,

you need to use the ldap_proxy_config -e command to delete /etc/opt/ldapux/pcred,

then use the ldap_proxy_config -i command to reconfig the proxy user.

For the Admin Proxy user, if you switch the authentication method between simple and

DIGEST-MD5, you need to use the ldap_proxy_config -A -e command to delete /etc/

opt/ldapux/acred, then use the ldap_proxy_config -A -i to reconfigure the Admin

Proxy user.

7.2.6.2 Examples

The following example configures the proxy user as uid=proxyuser1,ou=special

users,o=hp.com with the password prox1pw and creates or updates the file /etc/opt/

ldapux/pcred with this information, the proxy user uses the simple authentication:

ldap_proxy_config -i

uid=proxyuser1,ou=special users,o=hp.com

prox1pw

The following example configures the proxy user as uid=proxyusr2,ou=special

users,o=hp.com with password prox2pw, and creates or updates the file /etc/opt/ldapux/

pcred with this information. The proxy user uses the SASL DIGEST-MD5 authentication and

uses the DN to generate the DIGEST-MD5 hash.

ldap_proxy_config -i

uid=proxyusr2,ou=special users,o=hp.com

prox2pw

CR>

The following example configures the proxy user as uid=proxyusr3,ou=special

users,o=hp.com, UID proxyusr3 and password prox3pw, and creates or updates the file

/etc/opt/ldapux/pcred with this information. The proxy user uses the SASL/DIGEST-MD5

authentication and uses the UID to generate the DIGEST-MD5 hash.

ldap_proxy_config -i

uid=proxyusr3,ou=special users,o=hp.com

7.2 Client management tools 217