Manualshelf

LDAP-UX Integration B.04.20 Release Notes (April 2010 Update)

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
21222324252627282930
3.5 Known Problems and Workarounds for LDAP-UX Client Services
This section describes all currently known problems with the LDAP-UX Client Services product.
Active Directory Server
Problem
If a password expires, the user cannot log into HP-UX clients.
Workaround
The administrator will have to reset the password or the user will have to log into the
Windows 2003, 2003 R2, or 2008 system to reset password before he can log into HP-UX
machines.
Problem
If the account option user must change password at next logon is set, then on
11i v1, the user can not log into the HP-UX machine even if the password has not expired
and is still valid. 11i v2 doesn’t have this limitation.
Workaround
No workaound exists
Password Expiration
Problem
Netscape Directory Server 6.11 and prior versions do not support expired passwords for
DIGEST-MD5.
Workaround
No workaound exists
Proxy User Configuration
Problem
If you change the authentication method from SIMPLE (with or without SSL) to SASL
DIGEST-MD5 (with or without SSL), or vice versa, the proxy user will become invalid if
you don’t update the proxy user during setup.
Workaround
The workaround is to remove the /etc/opt/ldapux/pcred file, then run the command,
/opt/ldapux/config/ldap_proxy_config -i, to reconfigure it.
Hosts
Problem
A single entry representing a host/computer in an LDAP directory can contain multiple IP
addresses for each hostname record. The /etc/hosts file, however, requires a separate entry
for each IP address.
Workaround
If the system has been configured with multiple IP addresses for the same hostname, then
the migration script migrate_host.pl will create multiple entries in its resulting LDIF file
with the same distinguished name for hostname for each of the IP address. Since distinguished
name need to be unique in an LDAP directory, users need to first manually merge the IP
addresses with one designated host record and delete the duplicate records in their LDIF
file. A resulting entry might look as follows:
dn: cn=machineA, ou=devices, ou=hp.com
objectClass: top
objectClass: ipHost
objectClass: device
ipHostNumber: 15.13.130.72
ipHostNumber: 15.13.104.4
3.5 Known Problems and Workarounds for LDAP-UX Client Services 23