LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

351

352

353

354

355

356

357

358

359

360

E Samples of LDAP-UX configuration files created or

modified by autosetup

The sections in this appendix provide samples of the configuration files modified or created by

the autosetup:

• Section E.1: NSS configuration file /etc/nsswitch.conf

• Section E.2: PAM configuration file /etc/pam.conf

• Section E.3: Startup configuration file /etc/opt/ldapux/ldapux_client.conf

• Section E.4: Client daemon configuration file /etc/opt/ldapux/ldapux_client.conf

E.1 NSS configuration file after autosetup configuration

The autosetup script automatically configures the NSS configuration file /etc/nsswitch.conf

(in addition to the PAM configuration file /etc/pam.conf file, as documented in Section E.2

(page 359)) to support the LDAP backend. To configure the NSS module, autosetup first

determines whether the /etc/nsswitch.conf file exists. If the file does not exist on the system,

autosetup creates the /etc/nsswitch.conf file as shown:

# /etc/nsswitch.conf:

# The file is created by autosetup of LDAPUX only if the system does

# not have /etc/nsswitch.conf exist during the autosetup is executing.

passwd: files ldap

group: files ldap

hosts: dns [NOTFOUND=return] files ldap

ipnodes: dns [NOTFOUND=return] files

networks: files

protocols: files

rpc: files

publickey: files

netgroup: files

automount: files

aliases: files

services: files

E.2 PAM configuration file after autosetup configuration

The autosetup script configures LDAP support by adding, for all services of each service

module type (auth, account, session, and password) defined in the /etc/pam.conf file, the

PAM_LDAP library object /usr/lib/security/libpam_ldap.so.1 after the line that

defines the PAM_UNIX module libpam_unix.so.1 on an HP-UX 11i v2 or v3 system. The

following shows the /etc/pam.conf file after it has been modified by autosetup.

# PAM configuration

# Notes:

# If the path to a library is not absolute, it is assumed to be

# relative to one of the following directories:

# /usr/lib/security (PA 32-bit)

# /usr/lib/security/pa20_64 (PA 64-bit)

# /usr/lib/security/hpux32 (IA 32-bit)

# /usr/lib/security/hpux64 (IA 64-bit)

# The IA file name convention is normally used; for example:

# libpam_unix.so.1

# For PA libpam_unix.so.1 is a symbolic link to the PA library:

# ln -s libpam_unix.1 libpam_unix.so.1

# Also note that the use of pam_hpsec(5) is mandatory for some of

# the services. See pam_hpsec(5).

# Authentication management

E.1 NSS configuration file after autosetup configuration 359