LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

231

232

233

234

235

236

237

238

239

240

ipHostNumber: 16.92.96.116

dn: cn=baker,ou=Hosts,dc=mydomain,dc=example,dc=com

cn: baker

ipHostNumber: 16.89.146.146

CAUTION: If you used guided installation to configure LDAP-UX on a host, removing that host

entry also removes the proxy user defined for that host. Removing the host’s proxy user entry

disables the ability of the OS to use LDAP as an OS management repository. When you use guided

installation to create a directory server, that directory server will require authenticated access to

itself before returning any data. The host’s proxy user entry is used to define a way for the host’s

OS to authenticate to the directory server. Removing the proxy user (host entry) terminates the

ability of ldapclientd to bind to the directory server. For example, if we remove the proxy user

entry for the current host, the following error occurs:

# ldaphostmgr -d "$(hostname)"

bind-dn [uid=domadmin,ou=People,dc=mydomain,dc=eample,dc=com]:

Password:

# ldaphostlist

ERROR: BIND_ERR:

Failed to bind to the directory server.

You can restore the host’s proxy entry and restore the proxy credential file as follows. You must

define a new password in order to recreate the proxy credentials:

# ldaphostmgr -a -P -f -k all -S "$(hostname)"

bind-dn [uid=domadmin,ou=People,dc=mydomain,dc=eample,dc=com]:

Password:

Host password:

Re-enter host password:

added DN: cn=brewer,ou=Hosts,dc=mydomain,dc=eample,dc=com

# su

Password:

# /opt/ldapux/config/ldap_proxy_config -i << EOD

> cn=brewer,ou=Hosts,dc=mydomain,dc=eample,dc=com

> [Host Password Used Previously]

> EOD

7.8.4 Managing IP addresses

Use the -i option to add or remove IP addresses to or from host entries. Without flags, the -i

option adds an additional IP address to a host entry. If you have a host with multiple IP interfaces,

you can use -i to add any additional IP addresses that have not yet been registered. For example:

# ldaphostlist -n brewer

dn: cn=brewer,ou=Hosts,dc=mydomain,dc=example,dc=com

cn: brewer

ipHostNumber: 16.92.96.113

# ldaphostmgr -i 192.168.10.10 brewer

bind-dn [uid=domadmin,ou=People,dc=mydomain,dc=example,dc=com]:

Password:

# ldaphostlist -n brewer

dn: cn=brewer,ou=Hosts,dc=mydomain,dc=example,dc=com

cn: brewer

ipHostNumber: 16.92.96.113

ipHostNumber: 192.168.10.10

238 Administering LDAP-UX Client Services