LDAP-UX Client Services B.05.00 with Microsoft Windows Active Directory Server Administrator's Guide (obsolete beyond B.05.00)
existing Active Directory Server and directory information tree and configures a new LDAP-UX
profile to follow the standard layout and attributes defined for an ADS domain.
The guided installation prompts for several parameters, depending on the exact circumstances.
These may include the DN and password of a user (the domain administrator, by default) who
has sufficient privileges to add the local host to the Windows domain.
The script gives you the option of entering the host name and port of an existing Active Directory
Server, or of specifying an existing Windows domain name. If you specify a remote host
where an ADS already exists, the guided installation may not be able to validate the identity
of the directory server unless a valid domain (CA certificate) or server certificate has been
pre-installed on the host being configured. If no such certificate is installed there, you are given
the option of having the guided installation download and install the CA or server certificate.
Trust in the directory server is not assured unless the downloaded certificate is validated against the original.
For more information about retrieving the appropriate certificate for validation, see
Section 2.4.6.2.1 (page 49).
For an example and instructions for performing the First Installation into a Windows Domain
mode guided installation, see Section 2.3.3 (page 21).
• Installing Additional HP-UX Hosts into a Windows Domain (Existing Windows LDAP-UX
Configuration mode): In this mode, LDAP-UX has already been configured in the environment
(an LDAP-UX configuration profile already exists). You can then use the guided installation to
join the HP-UX host to an existing Windows ADS domain. The guided installation simply
downloads the existing domain configuration and registers the host in the domain.
For an example and instructions for performing the Existing Windows LDAP-UX Configuration
mode guided installation, see Section 2.3.4 (page 24).
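An added example, not part of the HP guide: one way to validate a CA or server certificate downloaded during the First Installation mode against the original is to compare SHA-256 fingerprints. It assumes the fingerprint of the original certificate was obtained out of band; the function names and the constructed sample bytes are illustrative.

```python
import hashlib
import hmac
import ssl

# Constructed placeholder bytes standing in for a certificate's DER encoding;
# this is not a real certificate. The fingerprint is a hash of the DER bytes.
SAMPLE_DER = b"constructed placeholder, not a real certificate " * 4
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)


def normalize_fingerprint(text):
    """Accept 'AB:CD:..', 'ab cd ..' or plain hex; return 64 lowercase hex digits."""
    cleaned = "".join(ch for ch in text if ch not in ": -\t\r\n").lower()
    if len(cleaned) != 64 or any(ch not in "0123456789abcdef" for ch in cleaned):
        raise ValueError("expected a SHA-256 fingerprint (64 hex digits)")
    return cleaned


def pem_fingerprint(pem_text):
    """SHA-256 fingerprint of a file holding exactly one PEM certificate."""
    if pem_text.count("-----BEGIN CERTIFICATE-----") != 1:
        raise ValueError("expected exactly one certificate")
    der = ssl.PEM_cert_to_DER_cert(pem_text.strip())
    return hashlib.sha256(der).hexdigest()


def matches_original(downloaded_pem, trusted_fingerprint):
    """True only if the downloaded certificate hashes to the trusted value."""
    expected = normalize_fingerprint(trusted_fingerprint)
    return hmac.compare_digest(pem_fingerprint(downloaded_pem), expected)


def colon_form(hex_digest):
    """Render a hex digest the way certificate viewers usually show it."""
    upper = hex_digest.upper()
    return ":".join(upper[i:i + 2] for i in range(0, len(upper), 2))


if __name__ == "__main__":
    # Assumption: this value was read from the original certificate out of band.
    trusted = colon_form(hashlib.sha256(SAMPLE_DER).hexdigest())
    print("downloaded copy matches original:", matches_original(SAMPLE_PEM, trusted))
    # A substituted certificate (different constructed bytes) must be rejected.
    other = ssl.DER_cert_to_PEM_cert(b"constructed substitute certificate bytes")
    print("substituted copy matches original:", matches_original(other, trusted))
```

A fingerprint that is truncated or is not SHA-256 raises ValueError instead of being compared, so a partial match is never accepted.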
NOTE: You can install LDAP-UX into an existing LDAP B.04.xx environment; however, the
hosts search descriptor serviceSearchDescriptor in the LDAP-UX configuration profile
will likely define an incorrect location for host entries (it should be cn=Computers). Host
tools expect the correct location for host entries to be defined in the configuration profile. If
the location is incorrect, the ldaphostmgr tool will add hosts to an incorrect location in the
directory tree.
The guided installation (with LDAP-UX B.05.00 or later) configures the profile with the correct
location for host entries. If you are installing LDAP-UX into an LDAP-UX environment that has
not been set up by the guided installation, ensure that the correct location is specified in the
profile (normally, this is the cn=Computers container). To determine the location configured for
hosts in the LDAP-UX configuration profile, you can use the following command:
/opt/ldapux/bin/ldapcfinfo -t hosts -b
If you need to modify the configuration profile, you can modify the
serviceSearchDescriptor attribute for the hosts service. For information about how
to modify the LDAP-UX configuration profile, see “Modifying an existing profile” (page 130).
2.3.1 What autosetup does
As mentioned, the guided installation (autosetup) greatly simplifies the configuration process.
The procedure performs numerous activities automatically, with minimal input required from whoever
runs the script, including the following:
1. Automatically detects existing Active Directory Servers by querying the DNS server of a
Windows domain for any registered Active Directory Servers, and then tries to connect to the
Active Directory Server with a search request. If multiple SRV resource records are returned,
autosetup stops searching once it makes a successful connection. If a directory server cannot
be found by DNS, you will be prompted for the host name and port number for an existing