LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

100

pwget -n username

nsquery hosts host_to_find

grget -n groupname

ls -l

NOTE: While you can use the following commands to verify your configuration, these

commands enumerate the entire passwd or group database, which might reduce network and

directory server performance for large databases:

pwget(with no options)

grget(with no options)

listusers

logins

3. Use one of the following expressions of the ldapcfinfo command to verify that a particular

service is properly configured:

ldapcfinfo -t passwd

ldapcfinfo -t group

ldapcfinfo -t pam

When any of these commands return an error, the command reports what is improperly

configured.

4. Use the beq search utility to search for the following services: pwd (password), grp (group),

shd (shadow password), srv (service), prt (protocol), rpc (RPC), hst (host), net (network),

ngp (netgroup), and grm (group membership). The following is an example beq command

using name as the search key, pwd as the service, and ldap as the library in 32-bit mode on

an HP-UX 11i v2 or v3 a PA-RISC machine.

./beq -k n -s pwd -l /usr/lib/libnss_ldap.1 iuser1

nss_status........ NSS_SUCCESS

pw_name...........(iuser1)

pw_passwd.........(*)

pw_uid............(101)

pw_gid............(21)

pw_age............()

pw_comment........()

pw_gecos..........(gecos data in files)

pw_dir............(/home/iuser1)

pw_shell..........(/usr/bin/sh)

pw_audid..........(0)

pw_audflg.........(0)

Use the following beq command if you are running 64-bit applications on an HP-UX 11i v2

or v3 HP Integrity server:

./beq -k n -s pwd -l /usr/lib/hpux64/libnss_ldap.so.1 iuser1

Use the following beq command if you are running 32-bit applications on an HP-UX 11i v2

or v3 HP Integrity server:

./beq -k n -s pwd -l /usr/lib/hpux32/libnss_ldap.so.1 iuser1

For command syntax and examples, see Section 9.7.1 (page 386) .

5. Log in to the client system from another system using rlogin or telnet. Log in as a user in

the directory and as a user in /etc/passwd to make sure both work.

6. Optionally, test your PAM_AUTHZ authorization configuration:

If the PAM_AUTHZ is configured without the pam_authz.policy file, verify the following:

• Log into the client system from another system using rlogin or telnet. From there log

in to the directory as a member from +@netgroup to verify that PAM_AUTHZ authorizes

you and is working correctly.

92 Installing and configuring LDAP-UX Client Services for an HP server environment