LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
2.4.7 Configuring LDAP-UX Client Services with NIS publickey support
LDAP-UX Client Services supports discovery and management of NIS publickeys in an LDAP
directory. Both the public and secret keys used by the Secure RPC API can be stored in user and
host entries in an LDAP directory server, using the nisKeyObject object class. Discovery of keys
in an LDAP directory server is provided through the getpublickey() and getsecretkey() APIs.
You can use the chkey and newkey commands to manage user and host keys in an LDAP server.
The chkey -s ldap command changes a user's secure RPC public key and secret key in an LDAP
directory. The newkey -u <username> -s ldap command adds new keys for a user to an LDAP
directory, and the newkey -h <hostname> -s ldap command creates new keys for a machine in
an LDAP directory.
For detailed information on the newkey and chkey commands, see the newkey(1M), chkey(1),
getpublickey(3N), getsecretkey(), and publickey(4) manpages.
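The following check is an added example, not part of the HP guide: it reads an LDIF export of user and host entries and reports which of them carry the nisKeyObject object class with both keys present, which is the state you expect after newkey or chkey has been run with -s ldap. The attribute names nisPublicKey and nisSecretKey come from the NIS key schema and are not named on this page; the DNs and key values are constructed.

```python
# Added example. Assumption: keys live in nisPublicKey and nisSecretKey.
SAMPLE_LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
objectClass: posixAccount
objectClass: nisKeyObject
nisPublicKey: CONSTRUCTED-PUBLIC-VALUE
nisSecretKey: CONSTRUCTED-SECRET-VALUE

dn: uid=bob,ou=People,dc=example,dc=com
objectClass: posixAccount

dn: cn=hosta,ou=Hosts,dc=example,dc=com
objectClass: niskeyobject
nisPublicKey: CONSTRUCTED-PUBLIC-VALUE
"""  # constructed sample, not real directory data
REQUIRED = ("nispublickey", "nissecretkey")  # compared in lower case

def parse_ldif(text):
    """Return {dn: {attribute_lowercase: [values]}} for a plain LDIF export."""
    entries = {}
    for block in text.strip().split("\n\n"):
        logical = []
        for line in block.splitlines():
            if line.startswith(" ") and logical:
                logical[-1] += line[1:]          # folded continuation line
            elif line and not line.startswith("#"):
                logical.append(line)
        attrs = {}
        for line in logical:
            name, _, value = line.partition(":")
            attrs.setdefault(name.lower(), []).append(value.lstrip(":").strip())
        if "dn" in attrs:
            entries[attrs["dn"][0]] = attrs
    return entries

def audit_keys(text):
    """Map each DN to 'ok', 'no nisKeyObject', or 'missing: <attrs>'."""
    report = {}
    for dn, attrs in parse_ldif(text).items():
        classes = {c.lower() for c in attrs.get("objectclass", [])}
        if "niskeyobject" not in classes:
            report[dn] = "no nisKeyObject"
            continue
        missing = [a for a in REQUIRED if not any(attrs.get(a, []))]
        report[dn] = "missing: " + ", ".join(missing) if missing else "ok"
    return report

if __name__ == "__main__":
    print("\n".join(f"{s:24} {d}" for d, s in audit_keys(SAMPLE_LDIF).items()))
```

An entry reported as "no nisKeyObject" has not been given keys in the directory; one reported as "missing" has the object class but an incomplete key pair.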
2.4.7.1 HP-UX Enhanced Publickey-LDAP software requirement
Support for NIS publickey through LDAP requires a functionality enhancement in LDAP-UX Client
Services and an enhancement in the ONC product. ONC with publickey LDAP support is available
through the HP-UX Enhanced Publickey-LDAP Software Pack (SPK) web release.
To enable the publickey LDAP support, you must install the appropriate Enhanced Publickey-LDAP
software bundle listed in Table 9 (for HP-UX 11i v2 only; no patch is required for HP-UX 11i v3)
and LDAP-UX Client Services B.04.00 or later on your client systems. The software bundle contains
all the required patches plus the enablement product for this new feature. For detailed information,
see the ONC with Publickey LDAP Support Software Pack Release Notes at:
http://www.hp.com/go/hpux-networking-docs (click HP-UX 11i v2 Networking Software)
Navigate to NFS Services.
Table 9 Enhanced Publickey-LDAP software requirement
Release Date     Software Bundle Version     Operating System Supported
October, 2006    Enhkey B.11.23.01           HP-UX 11i v2
You can download the Enhanced Publickey-LDAP software bundle from the HP Software Depot
website:
• Go to http://www.hp.com/go/softwaredepot.
• Click on Enhancement releases and patch bundles.
• Select the link:
  ◦ HP-UX Software Pack (Optional HP-UX 11i v2 Core Enhancements)
• Select the link:
  ◦ PublicKey-LDAP (for HP-UX 11i v2)
• Select and download the following software bundle, and place it on your client system (in /tmp):
  ◦ Enhkey_B.11.23.01_HP-UX_B.11.23_IA_PA depot for HP-UX 11i v2
• Use swinstall to install the software bundle (for HP-UX 11i v2):
  ◦ swinstall -x autoreboot=true -x reinstall=false -s /tmp/ENHKEY_B.11.23.01_HP-UX_B.11.23_IA_PA.depot
2.4.7.2 Extending the NIS publickey schema into your directory
The NIS publickey schema is not loaded in the HP-UX Directory Server or Red Hat Directory Server.
If you are installing LDAP-UX B.04.00 or later on your client system, the setup program will extend
the publickey schema into your directory server. If you previously configured LDAP-UX B.03.30 or
2.4 Customized installation (setup) for an HP directory server environment 85