Manualshelf

LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
71727374757677787980
Select authentication method for users to bind/authenticate to
the server
1. SIMPLE
2. SASL DIGEST-MD5
To accept the default shown in brackets, press the Return key.
Authentication method: [1]:
Press the return key if you choose to accept SIMPLE authentication method, type 2 if you
choose SASL DIGEST-MD5 authentication method for the following prompt:
Authentication method: [1]:
13. Next enter the host name and port number of the directory where your name service data
is, from “Configuration worksheet” (page 347). For high availability, each LDAP-UX client
can look for name service data in up to three different directory hosts. You can enter up to
three hosts, to be searched in order.
14. Enter the base DN where clients should search for name service data from “Configuration
worksheet” (page 347).
15. You can quickly configure a Directory Server and the first client by accepting the remaining
default configuration parameters when prompted.
If you want to use the SASL DIGEST-MD5 authentication method, you need to configure a
proxy user with its credential level.
Using the SASL DIGEST-MD5 authentication, the password must be stored in the clear text
in the LDAP directory.
Table 2-4 shows the configuration parameters and the default values they will be configured
with.
Table 2-4 Configuration parameter default values
Default valueParameter
AnonymousType of client binding
5 secondsBind time limit
no limitSearch time limit
YesUse of referrals
0 - infiniteProfile TTL (Time To Live)
YesUse standard RFC 2307 object class attributes for supported services
YesUse default search descriptions for supported services
SimpleAuthentication method
To change any of these default values, see Section 2.4.5.2 (page 73).
16. After entering all the configuration information, setup extends the schema, creates a new
profile, and configures the client to use the directory.
17. Configure the Pluggable Authentication Module (PAM).
Save a copy of the file /etc/pam.conf and edit the original to specify LDAP authentication
and other authentication methods you want to use. See /etc/pam.ldap for a sample. You
may be able to just copy /etc/pam.ldap to /etc/pam.conf. For more information about
PAM, see the pam(3) and pam.conf(4) manpages. In addition, see the document Managing
Systems and Workgroups: A Guide for HP-UX System Administrators at the following location:
www.hp.com/go/hpux-core-docs (click HP-UX 11i v2)
2.4 Customized installation (setup) 71