LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
Scanning DNS domain "west.hp.com" for any registered LDAP directory servers...
- No directory servers found.
Please enter the host name and port number of a directory server,
a Windows domain name, or press Return to create a new directory
server on this host: acct1053 Enter
NOTE: Unless you preinstall a CA or server certificate for the directory server, the autosetup
tool has no means of validating the identity of the remote directory server (acct1053). The
tool can download and permanently install the CA or server certificate for the server; however,
the server might be an impostor.
If the specified server was not created by the guided installation, you can obtain the CA or
server certificate directly from the server (in /etc/opt/ldapux) and preinstall it on your
host. For information about creating the certificate database files, see Section 2.4.6.4
(page 82).
If the CA certificate is not installed on your local host at this point of the guided installation,
autosetup warns you that it cannot validate the identity of the remote server and suggests
installing the CA certificate. You can abort so that you can install the CA certificate before
proceeding with the rest of the guided installation, or you can continue, trusting the CA
certificate that will be installed automatically by autosetup.
This example assumes the CA certificate has already been installed; therefore, you will not
see the warning and the prompt asking whether to abort or continue.
4. The script then asks for the DN of the directory server user who can add the local host to the
directory server's LDAP-UX domain. This is any host administrator with such privileges (a
member of the DomainAdmins group). In this example, the DN for the user with such privileges
is uid=domadmin,ou=people,dc=calif,dc=acme,dc=com. The server's DNS domain
in this example is calif.acme.com; this will be the name of the LDAP-UX domain configured
by autosetup. Because the LDAP-UX domain has already been set up on the directory server,
LDAP-UX should not need to extend the server's schema. Instead, the credentials entered at
this prompt merely need the privilege to add information about the current HP-UX host to the
directory server.
Please enter the DN of a user that has sufficient privilege to add this host
to the "calif.acme.com" domain. Note also that if this is the first
time adding an HP-UX host to this directory server, LDAP-UX may
also need to extend the server's schema. Please enter the DN of an
Administrator with these privileges or press Return for the default value.
[uid=domadmin,ou=people,dc=calif,dc=acme,dc=com]: Enter
5. Enter the password for the user identified in the preceding step (the entered password is not
visible):
Enter the password for the above user: [password not displayed] Enter
The installation now begins, followed by other related tasks; autosetup displays the progress
and results, as in the following example. Because an existing LDAP-UX configuration profile does
exist, autosetup downloads the existing profile from the directory server instead of creating a
new one. The profile and the associated LDAP-UX domain will be based on the existing directory
tree. In addition, autosetup provisions information about the local host into the existing directory
server.
* Extending schemas ... done.
* Downloading profile from DS ... done.
* Configuring ldapux_client.conf ... done.
* Provisioning LDAP-UX Client information into the Directory Server ... done.
* Setting up proxy user ... done.
56 Installing and configuring LDAP-UX Client Services for an HP server environment