LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
management tools, see Section 9.3.3 (page 285). In addition, see specific return codes for each
of the tools that manage users and groups.
9.3.8.8 External Influences
9.3.8.8.1 Environment Variables
The ladpahostmgr tool supports the following environment variables:
LDAP_HOSTCRED When used in combination with the -PW option, LDAP_HOSTCRED specifies
the proxy password of the newly created host. Also, if the LDAP-UX attribute
mapping for the userPassword attribute has not been defined or set to
“*NULL*”, ldaphostmgr creates new passwords in the userPassword
attribute.
LDAP_BINDDN Specifies the DN of a user with sufficient directory server privilege to create
new users and groups in the LDAP directory server. While this variable is
optional, if LDAP_BINDDN is specified, LDAP_BINDCRED must also be
specified. Furthermore, if ldaphostmgr is used to manage information
about a remote host, and the -k or -I option is specified, the specified
LDAP_BINDDN must also represent a POSIX account, such that
ldaphostmgr can remotely connect to that host to discover/modify that
information on the remote host. When doing so, the POSIX ID of the specified
user is used to remotely log in to the host.
LDAP_BINDCRED Specifies a password or other type of credential used for the user specified
by the LDAP_BINDDN. While this variable is optional, if LDAP_BINDCRED
is specified, LDAP_BINDDN must also be specified.
9.3.8.8.2 LDAP-UX Profile
ldaphostmgr makes use of the LDAP-UX configuration profile to determine the information model
used in the directory server to store POSIX attributes.
9.3.8.9 Limitations
• Since LDAP directories require data be stored according to the UTF-8 (RFC3629) character
encoding method, all characters passed into ldaphostmgr are assumed to be UTF-8, and
part of the ISO-10646 character set. ldaphostmgr does not perform conversion of the locale
character set to/from the UTF-8 character set.
9.3.8.10 Examples
Examples of how to use ldaphostmgr can be found in the LDAP-UX Client Services Administrators
Guide.
9.3.8.11 Resources for more information
ldaphostlist(1M), ldapugadd(1M), ldapugmod(1M), ldapugdel(1M), ldapcfinfo(1M), and ldapux(5)
9.3.9 The ldaphostlist tool
Use the ldaphostlist tool to display and enumerate host entries that reside in a directory server.
Although ldaphostlist provides output similar to the ldapsearch command, it satisfies a few
specific feature requirements. These features enable applications to discover and evaluate hosts
stored in an LDAP directory server without requiring intimate knowledge of the methods used to
retrieve and evaluate that information in the LDAP directory server. In addition, ldaphostlist
can be used to discover expiration information about ssh host keys, if that information is managed
in the directory server. Except for the optional trailing attr list, ldaphostlist parameters are
not positional-dependent. Unless the trailing attr list is provided, ldaphostlist only displays
the cn (host name) and ipHostNumber (IP Address) attributes.
340 Command and tool reference