LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

Glossary
Access Control
Instruction
See ACI.
Access Control List See ACL.
ACI Access Control Instruction. A specification controlling access to entries in a directory.
ACL Access Control List. One or more ACIs.
CA Certificate Authority. An entity that issues digital certificates. The digital certificate certifies the
ownership of a public key by the named subject of the certificate. This allows others (relying
parties) to rely upon signatures or assertions made by the private key that corresponds to the
public key that is certified. In this model of trust relationships, a CA is a trusted third party that is
trusted by both the subject (owner) of the certificate and the party relying upon the certificate.
CAs are characteristic of many public key infrastructure schemes.
Configuration
profile
An entry in an LDAP directory containing information common to many clients and that allows
clients to access user, group and other information in the directory. Clients download the profile
from the directory.
See also See also Client Configuration File..
DIGEST-MD5 Message Digest version 5. A one-way hash function that always generates 20 bytes of output
from text data.
distinguished
name
See DN.
DN Distinguished name. String representation of an entry's name and location in an LDAP directory.
domain See LDAP-UX domain.
DTD Documentation Type Definition. A set of markup declarations that define a document type for
SGML-family markup languages (SGML, XML, HTML). DTDs were a precursor to XML schema
and have a similar function, although different capabilities.
GCS Global Catalog Server. In Windows, a domain controller that hosts the global catalog. One or
more domain controllers in an Active Directory forest host the global catalog.
See also global catalog.
gecos field A field in the /etc/passwd file, typically used to record general information about the account
or its users, such as the associated real name and phone number.
global catalog In Windows servers, a distributed data repository that facilitates searches and logons in an Active
Directory forest. The Active Directory replication system builds global catalog data automatically.
See also GCS.
GPO Group Policy Object. In the Windows operating system, a collection of settings that define what
a system will look like and how it will behave for a defined group of users. The GPO is associated
with selected Active Directory containers, such as sites, domains, or organizational units. Microsoft
provides a program snap-in that allows you to use the Group Policy Microsoft Management
Console (MMC) to create a GPO that defines registry-based polices, security options, software
installation and maintenance options, scripts options, and folder redirection options.
HPDS HP-UX Directory Server
IETF Internet Engineering Task Force. The organization that defines the LDAP specification. See the
IETF website at:
http://www.ietf.org.
KDC Key Distribution Center. A trusted third party (service) used to issue and validate keys for services
and principals (users) in the environment. When authorized, KDC grants access to service tickets,
which allow principals to access services within the environment.
Kerberos A computer network authentication protocol that allows nodes communicating over a non-secure
network to prove their identity to one another in a secure manner. Kerberos authentication enables
integration of HP-UX account management in Windows ADS. Kerberos, an industry standard for
network security, is seamlessly integrated in the Windows Server through the automatic
435