LDAP-UX Client Services B.05.00 Administrator's Guide
/etc/passwd and /etc/netgroup files. If the /etc/opt/ldapux/pam_authz.policy
file exists in the system, PAM_AUTHZ uses the access rules defined in the policy file to
determine who can log in to the system.
For detailed information on this feature and how to configure the /etc/opt/ldapux/
pam_authz.policy file, see Section 5.3 (page 140) or the pam_authz(5) manpage.
• Do you want to configure the /etc/opt/ldaux/pam_authz.policy to enforce account
and password policies, stored in an LDAP directory server?
LDAP-UX provides PAM_AUTHZ enhancement to support enforcement of account and
password policies, stored in an LDAP directory server. This feature works in conjunction
with secure shell (ssh), r-commands (rlogin, rcp, and so forth) with rhost enabled where
authentication is not performed by the PAM subsystem, but is performed by the command
itself.
For detailed information on this feature and how to configure the pam_authz.policy file,
see Section 5.3.10 (page 153).
• How will you communicate with your user community about the change to LDAP?
For the most part, your user community should be unaffected by the directory. Most HP-UX
commands will work as always.
Check the Release Notes for any other limitations and tell your users how they can work
around them.
2.4.3 Installing LDAP-UX Client Services on a client
Use swinstall to install the LDAP-UX Client Services software, the NativeLdapClient
subproduct, on a client system. For more information about the command, see the swinstall(1M)
manpage. In addition, see the LDAP-UX Integration B.05.00 Release Notes for any last-minute
changes to this procedure. You do not need to reboot your system after installing the product.
NOTE: Starting with LDAP-UX Client Services B.03.20 or later, system reboot is not required
after installing the product.
NOTE: For the HP 9000 and HP Integrity server client systems, you might need to install
required patches. For the detailed information about the required patches, see LDAP-UX Integration
B.05.00 Release Notes at:
http://www.hp.com/go/hpux-security-docs
Click HP-UX LDAP-UX Integration Software.
64 Installing and configuring LDAP-UX Client Services