LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

administration domain (this directory server is also referred to as the Configuration Directory
Server or configuration directory).
NOTE: The directory server administration domain is the domain used for managing the
directory servers themselves. In contrast, the LDAP-UX domain is the domain used for managing
the data stored by the directory server. It consists of the collection of users, groups, and hosts
that can be managed in the LDAP directory server. For more information about the variety of
domains discussed in this manual, see Section 1.3 (page 22).
The guided installation also prompts for the initial credentials used for managing the elements
of the directory server and the data managed by that directory server. It configures the directory
server to suit managing an LDAP-UX domain. For more information about the LDAP-UX domain,
see Section 2.3.2 (page 31).
In this scenario, the guided installation:
• Configures the directory server with an LDAP-UX schema used for managing users, groups,
  and hosts. This includes definition of the database indexes based on that schema.
• Defines the initial framework for the directory information tree.
• Defines access control rights for directory server and LDAP-UX domain administration.
• Creates an LDAP-UX configuration profile (based on RFC 4876) that can be used for
  configuring additional clients. This file defines the LDAP-UX domain contents. For
  information about this RFC, see:
  http://www.ietf.org/rfc/rfc4876.txt
  For more information about RFCs in general, see:
  http://www.ietf.org/rfc.html
• Provisions HP-UX host information into the directory server, to be used for proxied
  authentication and ssh key management.
• Creates a CA and server certificate along with a CA package depot that can be
  preinstalled on HP-UX clients to be managed in the LDAP-UX domain.
Creating and provisioning a new directory server instance is supported only with Red
Hat Directory Server 8.0 and HP-UX Directory Server 8.1 or later. The guided installation does
not create instances of previous versions of Red Hat Directory Server or Netscape Directory
Server.
For information about installing LDAP-UX for the first time in an environment without a directory
server, see Section 2.3.4 (page 46).
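The configuration profile created in this scenario is based on RFC 4876, so its bind settings can be reviewed before the profile is used to configure additional clients. The following Python code is an added example, not part of this guide or of LDAP-UX: it checks a profile entry exported as LDIF, assuming the entry uses the RFC 4876 DUAConfigProfile attributes authenticationMethod and credentialLevel. The sample entry, its DN, and its host name are constructed for illustration.

```python
# Added example: audit an RFC 4876 DUAConfigProfile entry for weak bind settings.
# SAMPLE_LDIF is constructed; its DN, host name and values are assumptions.
SAMPLE_LDIF = """\
dn: cn=ldapuxprofile,ou=profiles,dc=example,dc=com
objectClass: top
objectClass: DUAConfigProfile
cn: ldapuxprofile
defaultServerList: ds1.example.com:389
defaultSearchBase: dc=example,dc=com
authenticationMethod: simple
credentialLevel: proxy anonymous
"""

def parse_entry(ldif):
    """Parse one LDIF entry into {lowercased attribute: [values]}.
    Folded lines (leading space) are joined; base64 ('::') values are not decoded."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        elif raw and not raw.startswith("#"):
            lines.append(raw)
    entry = {}
    for line in lines:
        attr, _, value = line.partition(":")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def audit_profile(ldif):
    """Return a list of findings for the profile entry in `ldif`."""
    entry = parse_entry(ldif)
    if "duaconfigprofile" not in [c.lower() for c in entry.get("objectclass", [])]:
        raise ValueError("entry is not a DUAConfigProfile")
    findings = []
    # authenticationMethod is a ';'-separated list of methods tried in order.
    methods = [m.strip().lower()
               for v in entry.get("authenticationmethod", []) for m in v.split(";")]
    if "simple" in methods:  # "tls:simple" is a different token and passes
        findings.append("authenticationMethod: simple bind without TLS exposes the password")
    # credentialLevel is a space-separated list of anonymous / proxy / self.
    levels = [l for v in entry.get("credentiallevel", []) for l in v.lower().split()]
    if "anonymous" in levels:
        findings.append("credentialLevel: anonymous access is permitted")
    return findings

if __name__ == "__main__":
    for finding in audit_profile(SAMPLE_LDIF):
        print("WARN", finding)
```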
Installing LDAP-UX into an existing directory server environment (Existing Directory Server
Installation mode): In this scenario, instead of creating a new directory server instance, the
guided installation discovers information about your existing directory server and directory
information tree. The existing directory server must be HP-UX Directory Server 8.1 or later, or
Red Hat Directory Server 8.0. The guided installation then configures LDAP-UX accordingly.
The guided installation requires that the existing directory information tree follow the structure
defined in Figure 7 (page 32), unless LDAP-UX is being installed into a Windows domain.
If the directory server hosts a Windows domain, the guided installation configures the LDAP-UX
profile to follow the standard layout and attributes defined for an ADS domain. For a domain
other than Windows ADS, the guided installation creates an LDAP-UX configuration profile
based on the existing directory information tree, with the defaults defined for an LDAP-UX
domain shown in Figure 7 (page 32). The guided installation provisions information about
the current host into the directory server. For more information about the directory information
tree in an LDAP-UX domain, see Section 2.3.2.1 (page 32).
In this scenario, the guided installation prompts for several parameters, depending on the
exact circumstances. You are prompted for the existing directory server host name (and
28 Installing and configuring LDAP-UX Client Services for an HP server environment