Manualshelf

LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
41424344454647484950
============================================================================
Setting up the LDAP-UX client using the newly created directory server.
Loading CA certificate from directory server to local host ... done.
* Extending schemas ... done.
No LDAP-UX Configuration Profile was found. Creating a new one.
* Downloading profile from DS ... done.
* Configuring ldapux_client.conf ... done.
* Provisioning LDAP-UX Client information into the Directory Server ... done.
* Setting up proxy user ... done.
* Configuring "/etc/nsswitch.conf" and "/etc/pam.conf" to use ldap ... done.
* Starting ldapclientd daemon ... done.
* Starting ldapcconfd ... done.
LDAP-UX was successfully configured.
2.3.6.3 Post-installation steps for New Directory Server Installation mode
After completing a New Directory Server mode guided installation, perform these steps:
1. The autosetup process created a new HP-UX account, the Domain Administrator (also
known as domadmin). It also created three new groups: DomainAdmins, HostAdmins, and
UserAdmins. Ensure that the user and group numbers (UIDs and GIDs) of the information
you are importing or migrating does not collide with those numbers that were created by
autosetup, as explained in Section 2.5.1.1 (page 90).
2. Consider registering the new directory server using an LDAP server record in the host's
DNS domain (contact your DNS domain administrator). For more information, refer to RFC
2782.
3. When a new directory server instance is created, autosetup generates a CA and server
SSL/TLS certificate for this instance. The generated CA certificate can be distributed to other
HP-UX clients to pre-establish trust and confidentiality with the directory server just created.
The CA certificate has been conveniently packaged in a Software Distributor depot file. The
CA product found in this depot will install the CA certificate in the /etc/opt/ldapux/
cert8.db file on any host where you install the CA product. As a means to pre-establish
trust with the directory server, you can simplify distribution of this CA certificate by including
the CA product in an Ignite-UX depot. You can view the contents of this depot file with the
swlist -s /tmp/ca-west.acme.com.depot command.
4. Perform the post-installation configuration tasks documented in Section 2.5 (page 89), as
needed.
2.3.7 Guided installation steps: Existing Directory Server Installation mode
This section explains how to install LDAP-UX for the first time on a host that already has a valid
directory server. Section 2.3.7.1 (page 51) shows how to perform the guided installation
interactively, explaining step-by-step how to respond to each prompt for user input. Section 2.3.7.2
(page 53) shows how to run a completely-automated (silent mode) guided installation.
50 Installing and configuring LDAP-UX Client Services