LDAP-UX Client Services B.05.00 with Microsoft Windows Active Directory Server Administrator's Guide (obsolete beyond B.05.00)
Figure 3 HP-UX Client login sequence with Windows 2003 R2/2008 (RFC 2307)
HP-UX Client Windows Server
Login
PAM Library
NSS Engine
PAM
Kerberos
NAS_LDAP
Active Directory
uid: bobj
cn: Bob Jolly
unixHomeDirectory:/home/bobj
uidnumbr: 208
gidnumbr: 20
loginshell:/usr/bin/ksh
Kerberos
Services
With LDAP-UX Client Services, HP-UX commands and subsystems can transparently access name
service information from the Active Directory through PAM and NSS. Table 2 shows some examples
of commands that use PAM and NSS.
Table 2 Examples of commands that use PAM and NSS
Commands using PAM and NSSCommands using NSS
loginls
passwdnsquery
1
ftpwho
suwhoami
rloginfinger
2
telnetid
dtloginlogname
remshgroups
newgrp
2
pwget
2
grget
2
listusers
b
logins
b
1 nsquery(1) is a contributed tool included with the ONC/NFS product.
2 These commands enumerate the entire passwd or group database, which may reduce network and directory server
performance for large databases.
After you install and configure the Active Directory and migrate your name service data into it,
HP-UX client systems locate the directory from a start-up file. The start-up file tells the client system
how to download a configuration profile from the Active Directory.
12 Introduction