LDAP-UX Integration B.04.10 Release Notes
Table Of Contents
- LDAP-UX Integration B.04.10 Release Notes
- Table of Contents
- 1 LDAP-UX Integration B.04.10 Release Note
- LDAP-UX Integration Overview
- LDAP-UX Client Services
- What’s New in LDAP-UX Client Services B.04.10
- Known Problems fixed in LDAP-UX Client Services A.04.10
- Compatibility and Installation Requirements for LDAP-UX Client Services
- Installing and Configuring the LDAP-UX Client Services
- Documentation
- Known Problems and Workarounds for LDAP-UX Client Services
- Limitations in LDAP-UX Client Services
- Services
- /etc/pam.conf
- LDAP Directory Interoperability
- Supported Name Service Databases
- Duplicated Data Entries in ADS Multiple Domains
- SSL With Windows 2000 Active Directory Server
- Limitations of Printer Configurator
- Unsupported Commands
- Clear Text Passwords
- Man page for ldapclientd.conf
- LDAP Security Policy Enforcement
- SASL/GSSAPI Profile Download Support
- Changing authentication methods
- Supported Features For Particular Directory Servers
- Additional Limitations with Active Directory
- NIS/LDAP Gateway
This draft is currently published as draft-joslin-config-schema-07.txt (which will likely be replaced
by a future draft revision or RFC). The "Configuration Profile" schema will be automatically
installed on directory servers that support online modification of the subschema subentry.
The following list of directories have been tested or minimally verified.
• Netscape Directory Server 6.11/6.21 and Red Hat Directory Server 7.0/7.1for HP-UX - Fully
tested and supported
• Microsoft Windows 2000/2003 Active Directory - Fully tested and supported
• OpenLDAP 2.1.13a - Verified with limited support
— Manual schema installation required
• Novell eDirectory 8.7 - Minimally verified
• IBM IDS 5.1 - Minimally verified
• Oracle Internet Directory 9.04 - Minimally verified
— Required to index all attributes
— Bypass setup with ldapmodify to manually load the profile schema
• Computer Associates eTrust 4.0 - Minimally verified
— Manual schema installation required
• Sun SunOne 5.2.β3 − Μινιµαλλψ ϖεριφιεδ
If you have another directory, you may be able to use that directory if it meets the following
requirement:
• Supports version 3 of the LDAP specification as defined by IETF RFCs 2251 through 2256
• Supports the Posix name service schema (RFC 2307) or a similar schema
• The schema can be extended to include the DUAConfigProfile object classes and required
attributes (see above)
• For security, the directory should support an access control mechanism that can restrict
modification rights of entries and attributes to specific users
• For security, the directory should support at least ldap_simple_bind authentication
Supported Name Service Databases
• LDAP-UX Client Services using Netscape/Red Hat Directory Server supports the following
name services data:
— passwd
— group
— netgroup
— services
— rpc
— hosts
— networks
— automount
— publickey
— protocols
— user-defined maps
• LDAP-UX Client Services using Windows 2000/2003/2003 R2 Active Directory Server does
not support netgroup and publickey service data.
• LDAP-UX Client Services using Windows 2000/2003/2003 R2 Active Directory Server currently
supports hosts, protocols, networks, rpc, automount and services in a single domain. It only
supports passwd and group service data in multiple domains.
• The LDAP-UX Client Services daemon, /opt/ldapux/bin/ldapclientd, caches only passwd, group,
netgroup, automount service data.
LDAP-UX Client Services 23