LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

271

272

273

274

275

276

277

278

279

280

7.3.8.8 External Influences

7.3.8.8.1 Environment Variables

The ladpahostmgr tool supports the following environment variables:

LDAP_HOSTCRED When used in combination with the -PW option, LDAP_HOSTCRED

specifies the proxy password of the newly created host. Also, if the ldapux(5)

attributed mapping for the userPassword attribute has not been defined

or set to “*NULL*”, ldaphostmgr creates new passwords in the

userPassword attribute.

LDAP_BINDDN

Specifies the DN of a user with sufficient directory server privilege to create

new users and/or groups in the LDAP directory server. While this variable

is optional, if LDAP_BINDDN is specified, LDAP_BINDCRED must also

be specified. Furthermore, if ldaphostmgr is used to manage information

about a remote host, and the -k or -I option is specified, the specified

LDAP_BINDDN must also represent a POSIX account, such that

ldaphostmgr can remotely connect to that host to discover/modify that

information on the remote host. When doing so, the POSIX ID of the

specified user is used to remotely log in to the host.

LDAP_BINDCRED

Specifies a password or other type of credential used for the user specified

by the LDAP_BINDDN. While this variable is optional, if

LDAP_BINDCRED is specified, LDAP_BINDDN must also be specified.

7.3.8.8.2 LDAP-UX Profile

ldaphostmgr makes use of the LDAP-UX configuration profile to determine the information

model used in the directory server to store POSIX attributes. Refer to the LDAP-UX Client Services

Administrator's Guide for additional information about the configuration profile.

7.3.8.9 Limitations

• Since LDAP directories require data be stored according to the UTF-8 (RFC3629) character

encoding method, all characters passed into ldaphostmgr are assumed to be UTF-8, and

part of the ISO-10646 character set. ldaphostmgr does not perform conversion of the locale

character set to/from the UTF-8 character set.

7.3.8.10 Examples

Examples of how to use ldaphostmgr can be found in the LDAP-UX Client Services Administrators

Guide.

7.3.8.11 See Also

ldaphostlist(1m), ldapugadd(1m), ldapugmod(1m), ldapugdel(1m), ldapcfinfo(1m) and ldapux(5)

7.3.9 ldaphostlist tool

Use the ldaphostlist tool to display and enumerate host entries that reside in an LDAP-based

directory server. Although ldaphostlist provides output similar to the ldapsearch command,

it satisfies a few specific feature requirements. These features allow applications to discover and

evaluate hosts stored in an LDAP directory server without requiring intimate knowledge of the

methods used to retrieve and evaluate that information in the LDAP directory server. In addition,

ldaphostlist can be used to discover expiration information about ssh host keys, if that

information is managed in the directory server. Except for the optional trailing attr list, the

tool's parameters are not positional-dependent. Unless the trailing attr list is provided,

ldaphostlist only displays the cn (host name) and ipHostNumber (IP Address) attributes.

The ldaphostlist tool provides the following functions:

7.3 LDAP user and group management tools 277