LDAP-UX Client Services B.05.00 with Microsoft Windows Active Directory Server Administrator's Guide (obsolete beyond B.05.00)
6.8 Managing hosts in an LDAP-UX domain
LDAP-UX B.05.00 introduces utilities that simplify management of hosts, adding to the toolset
provided for managing users and groups. Two utilities have been added,
/opt/ldapux/bin/ldaphostmgr and /opt/ldapux/bin/ldaphostlist. These utilities
let you discover, create, modify, and remove host objects in the directory server. Similar to the
user and group management tools, these host-management tools integrate with the LDAP-UX
configuration, allowing administrators and automated scripts to modify host information without
needing to know configuration information such as the directory server host name, directory server
tree location, authentication methods, attribute mapping, search filters, and so forth. For more
information on how to manage hosts in an LDAP-UX domain, see the LDAP-UX Client Services
B.05.00 Administrator's Guide.
6.9 Displaying the proxy user's distinguished name
You can display the proxy user's distinguished name (DN) by running /opt/ldapux/config/
ldap_proxy_config -p.
The following command displays the current proxy user:
cd /opt/ldapux/config
./ldap_proxy_config -p
PROXY DN: CN=Proxy User, CN=Users, DC=cup, DC=hp, DC=com
6.10 Verifying the proxy user
The proxy user information is stored encoded in the file /etc/opt/ldapux/pcred and in kernel
memory, referred to as SCS (Secure Credential Store). To determine if these are synchronized and
check if the proxy user can authenticate to the directory, run /opt/ldapux/config/
ldap_proxy_config -vas follows:
cd /opt/ldapux/config
./ldap_proxy_config -v
File Credentials verified - valid
6.11 Creating a new proxy user
Use the following steps to create a new proxy user and change your client systems to use the new
proxy user.
1. Add the new proxy user to your directory with appropriate access controls.
2. Configure each client to use the new proxy user by running /opt/ldapux/config/
ldap_proxy_config. Refer to the Section 6.11.1 (page 129) below.
3. Run /opt/ldapux/config/ldap_proxy_config -p to display the proxy user you just
configured and confirm that it is correct.
4. Run /opt/ldapux/config/ldap_proxy_config -vto verify the proxy user is working.
6.11.1 Example
For example, the following command configures the local client to use a proxy user DN of
CN=Proxy User, CN=Users, DC=cup, DC=hp, DC=com with a password of abcd1234:
cd /opt/ldapux/config
./ldap_proxy_config -i
CN=Proxy User, CN=Users, DC=cup, DC=hp, DC=com
abcd1234
The following command displays the current proxy user:
6.8 Managing hosts in an LDAP-UX domain 129