LDAP-UX Client Services B.05.00 Administrator's Guide

2.4.7 Configuring LDAP-UX Client Services with NIS publickey support
LDAP-UX Client Services supports discovery and management of NIS publickeys in an LDAP
directory. Both public and secret keys used by the Secure RPC API can be stored in user and
host entries in an LDAP directory server, using the nisKeyObject objectclass. Support for
discovery of keys in an LDAP directory server is provided through the getpublickey() and
getsecretkey() APIs. You can use the chkey and newkey commands to manage user and host
keys in an LDAP server. The chkey -s ldap command changes a user's secure RPC
public key and secret key in an LDAP directory. The newkey -u <username> -s ldap
command adds new keys for users to an LDAP directory, while the newkey -h
<hostname> -s ldap command creates new keys for machines in an LDAP directory.
For detailed information on the newkey and chkey commands, see the newkey(1M), chkey(1),
getpublickey(3N), getsecretkey(), and publickey(4) manpages.
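The following is an added example, not part of the original guide: a POSIX shell function that reads an LDIF export of user and host entries and reports which ones carry complete Secure RPC key material, which is a quick way to confirm the result of newkey or chkey. The attribute names nisPublicKey and nisSecretKey are an assumption taken from the RFC 2307bis definition of nisKeyObject, and the sample entries and key values are constructed placeholders.

```shell
# Added example: classify LDIF entries as ok | partial | nokeys by key material.
# Assumption: attribute names nisPublicKey / nisSecretKey (RFC 2307bis schema).
nis_key_report() {
  awk '
    function emit(   s) {
      if (dn != "") {
        s = "nokeys"
        if (cls && pub && sec) s = "ok"
        else if (cls || pub || sec) s = "partial"
        print s, dn
      }
      dn = ""; cls = 0; pub = 0; sec = 0
    }
    function handle(line,   attr, val, i) {
      i = index(line, ":")
      if (i == 0) return
      attr = tolower(substr(line, 1, i - 1))
      val = substr(line, i + 1)
      sub(/^:?[ ]*/, "", val)        # drop base64 marker and leading spaces
      if (attr == "dn") dn = val
      else if (attr == "objectclass" && tolower(val) == "niskeyobject") cls = 1
      else if (attr == "nispublickey" && val != "") pub = 1
      else if (attr == "nissecretkey" && val != "") sec = 1
    }
    /^#/ { next }                              # LDIF comment
    /^ / { buf = buf substr($0, 2); next }     # folded continuation line
    { if (buf != "") handle(buf); buf = $0 }   # previous logical line is complete
    /^$/ { emit() }                            # blank line ends an entry
    END { if (buf != "") handle(buf); emit() }
  '
}
# Constructed sample input (placeholder key values, not real keys).
sample_ldif() {
  cat <<'EOF'
dn: uid=alice,ou=People,dc=example,dc=com
objectClass: nisKeyObject
nisPublicKey: CONSTRUCTED-PUBLIC-KEY-PLACEHOLDER
nisSecretKey: CONSTRUCTED-SECRET-KEY-PLACE
 HOLDER-FOLDED-ACROSS-TWO-LINES

dn: cn=hosta,ou=Hosts,dc=example,dc=com
objectClass: nisKeyObject
nisPublicKey: CONSTRUCTED-PUBLIC-KEY-PLACEHOLDER

dn: uid=bob,ou=People,dc=example,dc=com
objectClass: posixAccount
EOF
}
sample_ldif | nis_key_report
```

An entry reported as partial has the objectclass or one key attribute but not all three, so key lookups for it cannot return a usable key pair.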
2.4.7.1 HP-UX Enhanced Publickey-LDAP software requirement
Support for NIS publickey through LDAP requires functionality enhancement in LDAP-UX
Client Services and an enhancement in the ONC product. ONC with publickey LDAP support
is available through the HP-UX Enhanced Publickey-LDAP Software Pack (SPK) web release.
To enable the publickey LDAP support, you must install the appropriate Enhanced
Publickey-LDAP software bundle listed in Table 2-6 (for HP-UX 11i v2 only; no patch is required
for HP-UX 11i v3) and LDAP-UX Client Services B.04.00 or later on your client systems. The
software bundle contains all the required patches plus the enablement product for this new
feature. For detailed information, see the ONC with Publickey LDAP Support Software Pack Release
Notes at the following website:
http://www.hp.com/go/hpux-networking-docs (click HP-UX 11i v2 Networking Software)
Navigate to NFS Services.
Table 2-6 Enhanced Publickey-LDAP software requirement
Release Date      Software Bundle Version    Operating System Supported
October, 2006     Enhkey B.11.23.01          HP-UX 11i v2
You can download the Enhanced Publickey-LDAP software bundle from the following Software
Depot website:
1. Go to http://www.hp.com/go/softwaredepot.
2. Click on Enhancement releases and patch bundles.
3. Select the link:
   HP-UX Software Pack (Optional HP-UX 11i v2 Core Enhancements)
4. Select the link:
   PublicKey-LDAP (for HP-UX 11i v2)
5. Select and download the following software bundle, and place it on your client system (/tmp):
   Enhkey_B.11.23.01_HP-UX_B.11.23_IA_PA depot for HP-UX 11i v2
6. Use swinstall to install the software bundle:
   swinstall -x autoreboot=true -x reinstall=false -s /tmp/ENHKEY_B.11.23.01_HP-UX_B.11.23_IA_PA.depot
   (for HP-UX 11i v2)
2.4.7.2 Extending the NIS publickey schema into your directory
The NIS publickey schema is not loaded in the HP-UX Directory Server or Red Hat Directory
Server. If you are installing LDAP-UX B.04.00 or later on your client system, the setup program
will extend the publickey schema into your Directory Server. If you previously configured
LDAP-UX B.03.30 or an earlier version, and now update the product to version B.04.00 or later, you
84 Installing and configuring LDAP-UX Client Services