LDAP-UX Client Services B.05.00 Administrator's Guide
a Windows domain name, or press Return to create a new directory
server on this host: acct1053 Return
NOTE: Unless you pre-install a CA or server certificate for the directory server, the
autosetup tool has no means of validating the identity of the remote directory server
(acct1053). The tool can download and permanently install the CA or server certificate
for the server; however, the server might be an impostor.
If the specified server was not created by the guided installation, you can obtain the CA or
server certificate directly from the server (in /etc/opt/ldapux) and pre-install it on your
host. For more information, see Section 2.4.6.2 (page 79).
If the CA certificate is not installed on your local host at this point of the guided installation,
autosetup warns you that it cannot validate the identity of the remote server and suggests
installing the CA certificate. You can abort so that you can install the CA certificate before
proceeding with the rest of the guided installation, or you can continue, trusting the CA
certificate that will be installed automatically by autosetup.
This example assumes the CA certificate has already been installed; therefore, you will not
see the warning and the prompt asking whether to abort or continue.
4. The script then asks for the DN of the directory server user who can add the local host to
the directory server's LDAP-UX domain. This is any host administrator with such privileges
(a member of the DomainAdmins group). In this example, the DN for the user with such
privileges is uid=domadmin,ou=people,dc=calif,dc=acme,dc=com. The server's
DNS domain in this example is calif.acme.com; this will be the name of the LDAP-UX
domain configured by autosetup. Because the LDAP-UX domain has already been set up
on the directory server, LDAP-UX should not need to extend the server's schema. Instead,
the credentials entered at this prompt merely need the privilege to add information about
the current HP-UX host to the directory server.
Please enter the DN of a user that has sufficient privilege to add this host
to the "calif.acme.com" domain. Note also that if this is the first
time adding an HP-UX host to this directory server, LDAP-UX may
also need to extend the server's schema. Please enter the DN of an
Administrator with these privileges or press Return for the default value.
[uid=domadmin,ou=people,dc=calif,dc=acme,dc=com]: Return
5. Enter the password for the user identified in the preceding step (the entered password is
not visible):
Enter the password for the above user: [password not displayed] Return
The installation now begins, followed by other related tasks; autosetup displays the progress
and results, as in the following example. Because an existing LDAP-UX configuration profile
does exist, autosetup downloads the existing profile from the directory server instead of
creating a new one. The profile and the associated LDAP-UX domain will be based on the existing
directory tree. In addition, autosetup provisions information about the local host into the
existing directory server.
* Extending schemas ... done.
* Downloading profile from DS ... done.
* Configuring ldapux_client.conf ... done.
* Provisioning LDAP-UX Client information into the Directory Server ... done.
* Setting up proxy user ... done.
* Configuring "/etc/nsswitch.conf" and "/etc/pam.conf" to use ldap ... done.
* Starting ldapclientd daemon ... done.
* Starting ldapcconfd ... done.
LDAP-UX was successfully configured.
2.3 Guided installation (autosetup) 55