LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
2. The autosetup script searches for a registered LDAP-protocol directory server in the local
DNS domain but does not find one, as indicated in the following example.
NOTE: The script searches for a registered server only if the directory server was not specified
with the -h option command-line option or LDAP_HOSTPORT environment variable. If a
registered directory server is found, autosetup uses that directory server automatically.
The script gives you the option of entering the host identification of an existing directory server
(along with two other options). The installer specifies host name hpdhcalif (a directory
server already exists, so a new directory server is not needed for serving LDAP-UX clients).
Scanning DNS domain "west.hp.com" for any registered LDAP directory servers...
- No directory servers found.
Please enter the host name and port number of a directory server,
a Windows domain name, or press Return to create a new directory
server on this host [host: hpdhcalif Enter
NOTE:
Unless you preinstall a CA or server certificate for the directory server, the autosetup tool
has no means of validating the identity of the directory server. The tool can download and
permanently install the CA or server certificate for the server; however, the server could be
an impostor. If autosetup created the specified server, it created a depot file on that server's
host that contains the CA certificate for that server. The depot on the specified host in this
example is found at : /tmp/ca-calif.acme.com.depot. The depot file can be distributed
to your host or any other HP-UX clients to be established in the same LDAP-UX domain. By
installing it on your host before configuring LDAP-UX, you preestablish trust with the specified
remote server. For more information, see Section 2.3.2.3.3 (page 39).
If the specified server was not created by autosetup, you can obtain the CA or server
certificate directly from the server (in /etc/opt/ldapux) and preinstall it on your host,
following the instructions in Section 2.4.6.4 (page 82).
If the CA certificate is not installed on your local host at this point of the guided installation,
autosetup warns you that it cannot validate the identity of the remote server and suggests
installing the CA certificate. You can abort so that you can install the CA certificate before
proceeding with the rest of the guided installation, or you can continue, trusting the CA
certificate that will be installed automatically by autosetup.
This example assumes the CA certificate has already been installed; therefore, you will not
see the warning and the prompt asking whether to abort or continue.
3. The script then asks for the DN of the directory server user who can add the local host to the
directory server's LDAP–UX domain. This is any host administrator with such privileges (a
member of the DomainAdmins group). In this example, the DN for the user with such privileges
is uid=domadmin,ou=people,dc=calif,dc=acme,dc=com. The server's DNS domain
in this example is calif.acme.com; this will be the name of the LDAP-UX domain configured
by autosetup. This being the first time adding an HP-UX host to this directory server, LDAP-UX
will extend the server's schema.
Please enter the DN of a user that has sufficient privilege to add this host
to the "calif.acme.com" domain. Note also that if this is the first
time adding an HP-UX host to this directory server, LDAP-UX may
also need to extend the server's schema. Please enter the DN of an
Administrator with these privileges or press Return for the default value.
[uid=domadmin,ou=people,dc=calif,dc=acme,dc=com]: Enter
4. Enter the password for the user identified in the preceding step (the entered password is not
visible):
2.3 Guided installation (autosetup) for an HP directory server environment 53