Manualshelf

LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
919293949596979899100
2.5.2 Verifying the LDAP-UX Client Services
This section describes some simple ways you can verify the installation and configuration of
your LDAP-UX Client Services. You may need to do more elaborate and detailed testing, especially
if you have a large environment.
If any of the following tests fail, see Section 5.18 (page 189).
1. To test the name service, use the nsquery
1
command:
nsquery lookup_type lookup_query [lookup_policy]
For example, to test the name service switch to resolve a user name lookup, enter:
nsquery passwd username ldap
where username is the login name of a valid user whose posix account information is in
the directory. You should see output something like the following depending on how you
have configured /etc/nsswitch.conf:
Using "ldap" for the passwd policy.
Searching ldap for jbloggs
User name: jbloggs
user Id: 10000
Group Id: 2000
Gecos:
Home Directory: /home/jbloggs
Shell: /bin/sh
Switch configuration: Terminates Search
This tests the Name Service Switch configuration in /etc/nsswitch.conf. If you do not
see output like that above, check /etc/nsswitch.conf for proper configuration.
2. Use other commands to display information about users in the directory, making sure the
output is as expected:
pwget -n username
nsquery hosts host_to_find
grget -n groupname
ls -l
NOTE: While you can use the following commands to verify your configuration, these
commands enumerate the entire passwd or group database, which may reduce network
and directory server performance for large databases:
pwget(with no options)
grget(with no options)
listusers
logins
3. Use one of the following expressions of the ldapcfinfo command to verify that a particular
service is properly configured:
ldapcfinfo -t passwd
ldapcfinfo -t group
ldapcfinfo -t pam
When any of these commands return an error, the command reports what is improperly
configured.
4. Use the beq search utility to search for the following services: pwd (password), grp (group),
shd (shadow password), srv (service), prt (protocol), rpc (RPC), hst (host), net (network),
ngp (netgroup), and grm (group membership). An example beq command using name as
the search key, pwd as the service, and ldap as the library in 32-bit mode on an HP-UX 11i
v2 or v3 a PA-RISC machine is shown below.
1. nsquery is a contributed tool included with the ONC/NFS product. For more information, see the nsquery(1) manpage.
92 Installing and configuring LDAP-UX Client Services