LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

5. Select the client binding you want from “Configuration worksheet” (page 347). This

determines the identity that client systems use when binding to the directory to search for

user and group information.

6. If you configured a proxy user, enter the DN and password of your proxy user, from

“Configuration worksheet” (page 347).

If you want to use the SASL/DIGEST-MD5 authentication method, you need to configure a

proxy user with its credential level.

Using the SASL/DIGEST-MD5 authentication, the password must be stored in the clear text

in the LDAP directory.

7. Enter the maximum time in seconds the client should wait for directory searches before

aborting. Enter 0 for no time limit.

8. Enter whether or not you want directory searches to follow referrals. Referrals are a

redirection mechanism supported by the LDAP protocol. Please see your directory manuals

for more information on referrals.

NOTE: If you want your directory searches to follow referrals, you must allow anonymous

access into your directories.

9. Enter the Profile TTL (Time To Live) value. This value defines the time interval between

automatic downloads (refreshes) of new configuration profiles from the directory. Automatic

refreshing ensures that the client is always configured using the newest configuration profile.

If you want to disable automatic refresh or manually control when the refresh occurs, enter

a value of 0. Section 2.5.8 (page 113).

10. In this step, the setup program initiates a dialog where you can remap the standard object

class attributes to alternate attributes. You may want to do this if the attributes in your

directory do not conform to the object classes defined in RFC 2307.

You can remap the attributes for any of the supported services: passwd, shadow passwd,

group, PAM, netgroup, rpc, protocols, networks, hosts, services and automount.

NOTE: Make sure that the attribute names are entered correctly to avoid unpredictable

results later.

For a description of the standard object classes and attributes, see RFC 2307 at:

http://www.ietf.org/rfc/rfc2307.txt.

At this point, the setup program will display the following dialog:

LDAP-UX Client Services supports the following services:

1.Password 7.Networks

2.Shadow passwd 8.Hosts

3.Group 9.Services

4.PAM (Pluggable Authentication Module)10.Printers

5.RPC 11.Automount

6 Protocols 12.Netgroup

Each services uses a standard object class (defined by RFC 2307)

You can remap any of these attributes to alternate attributes.

Do you want to remap any of the standard RFC 2307 attributes?

Enter “yes” if you want to remap attributes for any of the supported services. Then go to

Section 2.4.5.3 (page 76) for details of the procedures.

Otherwise, if you do not want to remap attributes for any of the supported services, then

enter “no” to this prompt to continue to the next step.

11. In this step, the setup program initiates a dialog where you can create a custom search

descriptor. A custom search descriptor allows you to specify a different search location or

filter for retrieving entries for services supported by LDAP-UX Client. Each name service

74 Installing and configuring LDAP-UX Client Services