LDAP-UX Client Services B.05.00 Administrator's Guide

IMPORTANT: Starting with LDAP-UX Client Services B.03.20, the client daemon,
/opt/ldapux/bin/ldapclientd, must be running for LDAP-UX functions to work. With
LDAP-UX Client Services B.03.10 or earlier, running the client daemon, ldapclientd, is
optional.
NOTE: The LDAP printer configurator can support any directory server that supports the
LDAP printer schema based on RFC 3712.
However, the LDAP-UX Client Services only supports automatically importing the LDAP
printer schema into the Directory Server by running the setup program.
If your directory server does not support the LDAP printer schema, you may experience
problems when importing the printer schema.
Configure the Pluggable Authentication Module (PAM) by modifying the PAM
configuration file /etc/pam.conf. See /etc/pam.ldap for a sample.
Configure the Name Service Switch (NSS) by modifying the file /etc/nsswitch.conf.
See /etc/nsswitch.ldap for a sample.
Optionally modify the disable_uid_range flag in the
/etc/opt/ldapux/ldapux_client.conf file to disable logins to the local system from
specific users, as described in Section 2.5.6.1 (page 106).
Optionally configure the authorization of one or more subgroups from a large repository
such as an LDAP directory server. For detailed information on how to set up the policy
file, /etc/opt/ldapux/pam_authz.policy, see Section 5.3.4 (page 143).
After you configure your directory and the first client system, configuring additional client
systems is simpler. For more information, see Section 2.5.7 (page 112).
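
A check to run after the NSS step above, as an added example that is not part of the guide: it reports whether a database in an nsswitch.conf-style file lists ldap as a source, and whether the required ldapclientd daemon is in the process list. The function names, status labels and sample data are constructed for illustration; the sample is not the contents of /etc/nsswitch.ldap.

```shell
#!/bin/sh
# Added example, not from the guide. Function names, status labels and the
# sample data are constructed for illustration.

# nss_sources FILE DB: print DB's ordered source list from an
# nsswitch.conf-style file ("-" = stdin); comments and [criteria] are dropped.
nss_sources() {
    awk -v db="$2" '
        { sub(/#.*/, ""); gsub(/\[[^]]*\]/, " "); sub(/:/, ": ") }
        $1 == (db ":") { $1 = ""; sub(/^ +/, ""); print; exit }
    ' "$1"
}

# nss_status FILE DB: print missing | no-ldap | ldap-only | ldap+files
nss_status() {
    src=$(nss_sources "$1" "$2")
    case " $src " in
        "  ")        echo missing ;;
        *" ldap "*)
            case " $src " in
                *" files "*) echo "ldap+files" ;;
                *)           echo "ldap-only" ;;
            esac ;;
        *)           echo "no-ldap" ;;
    esac
}

# ldapclientd_running: exit 0 if the client daemon is in the process list
ldapclientd_running() {
    ps -e 2>/dev/null | grep '[l]dapclientd' >/dev/null
}

# Constructed sample input (not the contents of /etc/nsswitch.ldap)
sample_nsswitch() {
    cat <<'EOF'
passwd:   files ldap
group:    files [NOTFOUND=continue] ldap   # criteria are ignored here
hosts:    files dns
netgroup:ldap
EOF
}

# Usage: sh nss_check.sh [/etc/nsswitch.conf]; no argument uses the sample.
for db in passwd group hosts netgroup services; do
    if [ -n "${1:-}" ]; then s=$(nss_status "$1" "$db")
    else s=$(sample_nsswitch | nss_status - "$db"); fi
    printf '%-9s %s\n' "$db" "$s"
done
ldapclientd_running || echo "ldapclientd is not in the process list"
```
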
2.4.5.1 Quick configuration
You can quickly configure an HP-UX Directory Server/Red Hat Directory Server directory and the
first client by letting most of the configuration parameters take default values as follows. For a
custom configuration, see Section 2.4.5.2 (page 73).
The steps described below assume that you don't use SSL or TLS support with LDAP-UX. If you
want to enable SSL support, see Section 2.4.5.2 (page 73).
NOTE: When configuring and setting up LDAP-UX, you will likely be prompted for credentials
of an administrator. If you are asked to enter the credentials (password) of a user, make sure
that the connection between your client and the HP-UX system (where you are running setup)
is secured and not subject to network eavesdropping. One option to protect such communication
may be to use the ssh protocol when connecting to the HP-UX host being configured.
1. Log in as root and run the setup program:
cd /opt/ldapux/config
./setup
NOTE: To use a local-only profile, run the setup program using the -l option. Use the
local-only profile for small deployments, testing purposes, and for environments where
administrators lack server administrative privileges.
The setup program asks you a series of questions and usually provides default answers.
Press the Enter key to accept the default, or change the value and press Enter. At any point
during setup, enter Control-b to back up or Control-c to exit setup.
2. Choose the Directory Server as your LDAP directory server (option 1).