LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

Example 12 autosetup: silent mode
# autosetup -q
This command invokes silent mode. It can be used in any scenario in which user intervention is not
required. It assumes that the required parameters have been specified in environment variables.
3.3.3 Guided installation steps: First Installation into a Windows Domain mode
This section explains how to install LDAP-UX for the first time into an existing Windows domain, to
create a new LDAP-UX configuration profile. Section 3.3.3.1 (page 122) shows how to perform the
guided installation interactively, explaining step-by-step how to respond to each prompt for user
input. Section 3.3.3.2 (page 124) shows how to run a completely automated (silent mode) guided
installation.
NOTE: If you are planning a first-time deployment of managing user and group data in the
directory server, HP suggests that you devise a strategy to avoid UID number and GID number
overlap. Most likely, you will need to continue managing some accounts that are local to the hosts
in the LDAP-UX domain. Often the root user, and sometimes application accounts (such as www for
the httpd process) remain managed in the local /etc/passwd file. Devise a convention
establishing a range for UID numbers and one for GID numbers such that accounts and groups in
LDAP do not conflict with those on the local hosts. For example, accounts in LDAP could all have
UID numbers greater than 1000, while accounts on local hosts would be restricted to UID numbers
less than 1000.
For information about ensuring that user and group numbers to be migrated or imported into a
directory server do not collide with the ones already on the HP-UX host, see Section 3.5.1.1
(page 152).
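The range convention in the NOTE above can be checked before any accounts are imported, since file ownership follows the numeric ID and a reused number gives one account another's files. The following shell script is an added example, not part of the HP guide or of LDAP-UX; the `BOUNDARY` variable, the function names, and the sample file names are assumptions of this example, and the sample entries are constructed.

```shell
#!/bin/sh
# Added example, not from the HP guide. Audits passwd- or group-format files
# against the ID range convention in the NOTE (field 3 is the UID or GID).
BOUNDARY=${BOUNDARY:-1000}   # the NOTE's example value; adjust to your convention

# range_violations local|ldap FILE
# Local entries must have IDs below BOUNDARY, LDAP entries IDs above it.
# Prints "name:id" for each entry that breaks the rule.
range_violations() {
    awk -F: -v side="$1" -v b="$BOUNDARY" '
        /^[#+-]/ || $3 !~ /^[0-9]+$/ { next }   # comments, compat lines, junk
        side == "local" && $3 + 0 >= b { print $1 ":" $3 }
        side == "ldap"  && $3 + 0 <= b { print $1 ":" $3 }
    ' "$2"
}

# id_collisions LOCAL_FILE IMPORT_FILE
# Prints "id:local_name:import_name" when an entry bound for the directory
# reuses a numeric ID that a differently named local entry already holds.
id_collisions() {
    awk -F: '
        /^[#+-]/ || $3 !~ /^[0-9]+$/ { next }
        { id = $3 + 0 }
        FILENAME == ARGV[1] { owner[id] = $1; next }   # first file: local IDs
        (id in owner) && owner[id] != $1 { print id ":" owner[id] ":" $1 }
    ' "$1" "$2"
}

# Constructed sample data (not real accounts) so the script runs offline.
WORK=${TMPDIR:-/tmp}/idaudit.$$
mkdir -p "$WORK"
trap 'rm -rf "$WORK"' EXIT
cat > "$WORK/passwd.local" <<'EOF'
root:*:0:3::/:/sbin/sh
www:*:30:1::/:/usr/bin/false
oracle:*:1001:20::/home/oracle:/usr/bin/sh
EOF
cat > "$WORK/passwd.import" <<'EOF'
alice:*:1001:20::/home/alice:/usr/bin/sh
bob:*:1002:20::/home/bob:/usr/bin/sh
svc_old:*:30:20::/home/svc_old:/usr/bin/sh
EOF

echo "Local entries inside the LDAP range:"
range_violations local "$WORK/passwd.local"
echo "Import entries inside the local range:"
range_violations ldap "$WORK/passwd.import"
echo "Numeric ID collisions:"
id_collisions "$WORK/passwd.local" "$WORK/passwd.import"
```

To audit a real host, pass `/etc/passwd` (or `/etc/group`) as the local file and the list of entries destined for the directory as the import file.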
NOTE: When configuring and setting up LDAP-UX, you will likely be prompted for credentials
of an administrator. If you are asked to enter the credentials (password) of a user, make sure that
the connection between your client (where you are running autosetup) and the HP-UX system is
secured and not subject to network eavesdropping. One option to protect such communication
might be to use the ssh protocol when connecting to the HP-UX host being configured.
3.3.3.1 Interactively running First Installation into a Windows Domain mode
To interactively install LDAP-UX into a Windows domain for the first time (where there is no existing
LDAP-UX configuration profile), follow these steps. This example assumes that you have already
installed a CA certificate, as described in step 2. If you have not installed the domain’s CA
certificate, you are prompted to answer whether to trust the directory server, which cannot be
positively identified.
1. Log in as root and run the autosetup command, as shown in the following example:
# /opt/ldapux/config/autosetup
2. The autosetup script searches for any registered directory servers by querying the DNS server
of the Windows domain, but does not find one, as indicated in the following example.
NOTE: If a registered directory server is found, autosetup uses that directory server
automatically unless you specify another using the -h option or the LDAP_HOSTPORT
environment variable. The installation and configuration would be similar to that which follows.
The script gives you the option of entering the host name and port of an existing directory
server, or of specifying an existing Windows domain name. The installer specifies
hpdhcalif.nwest.acme.com:389 for the host name and port.
122 Installing and configuring LDAP-UX Client Services for a Windows ADS environment