LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
• To use common authentication with other LDAP-enabled applications, the userPassword
attribute is defined as NULL. This means that it is not visible to applications on the HP-UX host.
Applications instead use the standardized PAM framework to perform authentication.
2.3.2.2.2 Domain entity classification schema
The guided installation (and LDAP-UX B.05.00 or later) provides new schema that can be used to
manage information about users, groups, hosts, and services in your network. As indicated in
Table 3 (page 36) and Table 4 (page 37), LDAP-UX only uses some of the newly added schema
directly by default. The tables describe the full list of new attributes and object classes, and explain
how the schema are used. The recommended uses are merely advisory. Each organization can
customize usage to suit its unique needs. Table 3 (page 36) describes the new attributes.
Table 3 New attributes

Attribute name: Description and use

entityModel: Describes the model associated with the object. The ldaphostmgr tool (with the -I option specified) uses this attribute to record the hardware model of the HP-UX host.

entityVersion: Represents the version of the associated entity. The ldaphostmgr tool (with the -I option specified) uses this attribute to record the version of the HP-UX OS on a host.

entityUsage: Describes the designated usage of the object.

entityRole: Represents a role associated with the object. The ldaphostmgr tool (with the -r option specified) will define this attribute.

entityFunction: Represents the function of the associated object.

entitySecurityLevel: Represents the security level of the associated object.

entityType: Represents the type of the associated object.

serviceConfigParam: Defines a configuration parameter for the associated service. Suggested format:
service-name[/subsystem[/...]]:service-specific-configuration-parameter
For example:
serviceConfigParam: ssh/client/ssh_config:strictHostKeyChecking yes

serviceType: Describes the type of service supported by the entity.

servicePort: Describes the port of service supported by the entity, typically a TCP socket number.

entityDomain: Represents a locally assigned name associated with a management collection. The name can be a translated representation of the associatedDomain attribute (RFC 4524) or a name provisioned from an organization-defined procedure. The entityDomain value is expected to be unique within the larger management space or at least within the associatedDomain.

cfgGlobalPolicyDN: Global policy DN to support central configuration service. If this attribute is defined in the configuration profile, the central configuration service (ldapconfd) will search the specified entry and download the configuration specified in the serviceConfigParam attributes. As of release B.05.00, only HP Secure Shell has configuration handlers to support centralized configuration management. For more information about the central configuration service, see “Managing ssh host keys with LDAP-UX (HP directory servers only)” (page 258).

sshPublicKey: Defines an ssh public key for the associated object.
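A checker for the suggested serviceConfigParam format described above, written as an added example; it is not code from the HP guide and does not reproduce how ldapconfd parses these values. The sample values, the allowed path characters, and the keyword/argument split of the parameter (modeled on the ssh example) are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample values of the serviceConfigParam attribute, as they
# might be read from a policy entry (not taken from a real directory).
SAMPLE_VALUES = [
    "ssh/client/ssh_config:strictHostKeyChecking yes",
    "ssh/client/ssh_config:StrictHostKeyChecking no",  # conflicts with the first
    "ssh/server/sshd_config:PermitRootLogin no",
    "ssh/client/ssh_config",                            # no ':' separator
    "/client:Foo bar",                                  # empty service name
]

# Assumption: a path component is letters, digits, '_', '.' or '-'.
COMPONENT = re.compile(r"^[A-Za-z0-9_.-]+$")

def parse_param(value):
    """Split one value into (service, subsystems, parameter)."""
    # Only the first ':' separates path and parameter; later colons
    # belong to the parameter itself.
    path, sep, param = value.partition(":")
    if not sep or not param.strip():
        raise ValueError("missing ':' or empty parameter")
    parts = path.split("/")
    if not all(COMPONENT.match(p) for p in parts):
        raise ValueError("empty or invalid path component")
    return parts[0], tuple(parts[1:]), param.strip()

def audit(values):
    """Return (settings, malformed, conflicts) for a list of values."""
    settings = defaultdict(dict)  # (service, subsystems) -> {keyword: argument}
    malformed, conflicts = [], []
    for raw in values:
        try:
            service, subs, param = parse_param(raw)
        except ValueError as exc:
            malformed.append((raw, str(exc)))
            continue
        keyword, _, argument = param.partition(" ")
        argument = argument.strip()
        key = keyword.lower()  # assumption: case-insensitive keywords, as in ssh_config
        seen = settings[(service, subs)].get(key)
        if seen is not None and seen != argument:
            conflicts.append(((service, subs), keyword, seen, argument))
        else:
            settings[(service, subs)][key] = argument
    return dict(settings), malformed, conflicts
```

Running audit(SAMPLE_VALUES) reports two malformed values and one conflicting strictHostKeyChecking setting, the kind of review worth doing before a policy entry is distributed to every host.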
Table 4 (page 37) describes the new object classes.
36 Installing and configuring LDAP-UX Client Services for an HP server environment