LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

281

282

283

284

285

286

287

288

289

290

The following example configures the Admin Proxy user as uid=adminproxy2,ou=special

users,o=hp.com with password admin2pw, and creates or updates the file /etc/opt/ldapux/

acred with this information. The Admin Proxy user uses the SASL/DIGEST-MD5 authentication

and uses the DN to generate the DIGEST-MD5 hash.

ldap_proxy_config -A -i

uid=adminproxy2,ou=special users,o=hp.com

admin2pw

CR>

The following example configures the Admin Proxy as uid=adminproxy3,ou=special

users,o=hp.com, UID adminproxy3, and password admin3pw, and creates or updates the

file /etc/opt/ldapux/acred with this information. The Admin Proxy user uses the SASL/

DIGEST-MD5 authentication and uses the UID to generate the DIGEST-MD5 hash.

ldap_proxy_config -A -i

uid=adminproxy3,ou=special users,o=hp.com

admin3pw

adminproxy3

The following example displays the current proxy user:

ldap_proxy_config -p

PROXY_DN: uid=proxyuser,ou=special users,o=hp.com

The following command displays the configured proxy user information and determines whether

the client can bind to the directory as the proxy user:

ldap_proxy_config -v

File Credentials verified - valid

The following example configures the proxy user as uid=proxyuser,ou=special

users,o=hp.com with the password prox12pw, and creates or updates the file /etc/opt/

ldapux/pcred with this information:

ldap_proxy_config -d "uid=proxyuser,ou=special users,o=hp.com" -c prox12pw

The following example configures the proxy user with the contents of the file proxyfile and

creates or updates the file /etc/opt/ldapux/pcred with this information:

ldap_proxy_config -f proxyfile

The file proxyfile must contain two lines: the proxy user DN on the first line and password on

the second line.

9.3 LDAP user and group management tools

The LDAP-UX Integration product supports the following new LDAP command-line tools which enable

you to manage user accounts and groups in an LDAP directory server. These new tools exist in the

/opt/ldapux/bin directory and perform their operations based on the LDAP-UX profile

configuration. Each tool provides command options that enable you to alter these configuration

parameters. For detailed information about tool usage, syntax, options, arguments, environment

variables, template files, return codes supported by these tools, see Section 9.3 (page 283), or see

the ldapuglist(1M), ldapugadd(1M), ldapcfinfo(1M), ldapugmod(1M), and ldapugdel(1M)

manpages.

ldapuglist Use the ldapuglist tool to display and enumerate subsets of POSIX-like account

and group entries that reside in an LDAP directory server.

ldapugadd Use the ldapugadd tool to add new POSIX accounts or groups to an LDAP

directory server.

ldapugmod Use the ldapugmod tool to modify existing accounts or groups in an LDAP

directory server. You can use ldapugmod with extended options to modify

arbitrary attributes for user or group entries.

9.3 LDAP user and group management tools 283