LDAP-UX Integration B.04.20 Release Notes (April 2010 Update)

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

• LDAP-UX Client Services using Windows 2003/2003 R2/2008 Active Directory Server currently

supports hosts, protocols, networks, rpc, automount and services in a single domain. It only

supports passwd and group service data in multiple domains.

• The LDAP-UX Client Services daemon, /opt/ldapux/bin/ldapclientd, caches only passwd, group,

netgroup, automount service data.

3.6.7 Duplicated Data Entries in ADS Multiple Domains

To better integrate with HP-UX, it is highly recommended that you maintain unique user names

and uid numbers in the forest, or undesired behaviors may occur. For example:

• If an ADS Global Catalog server is configured to retrieve data from remote domains,

LDAP-UX won’t return data if there are duplicate entries in any remote domains

• For users having the same user name in multiple domains, LDAP-UX may return user data

from a different domain if the original domain controller fails

• A user may not be able to change their password if his/her uid number is not unique in the

forest

3.6.8 Limitations of Printer Configurator

• The new LDAP printer schema based on /etc/opt/ldapux/schema/RFC3712.xml is imported

into the Netscape/Red Hat Directory Server to create the printer objects.

• The LDAP-UX Client Services only supports the HP LP spooler system, network printers,

and printer servers that support the Line Printer Daemon (LPD) protocol. The printer

configurator does not support local printers.

• In a global management environment, it is hard to determine a default printer for the

individual client system. The LDAP printer configurator treats every printer entry as the

regular printer. The administrator or user is required to manually select a printer as a default

printer for the client system.

3.6.9 Unsupported Commands

The following HP-UX commands currently do not work with LDAP-UX Client Services:

Table 3-4 Unsupported HP-UX Commands

Does not change the “finger” information for users in the

directory. See the finger(1) manpage.

chfn(1)

Does not change the login shell for users in the directory.chsh(1)

The System Administration Manager (SAM) does not

manage name service information in the directory.

sam(1M)

These commands do not manage user information in the

directory. Use ldapugadd, ldapugdel and ldapugmod

instead. See note below.

useradd(1M),

userdel(1M),

usermod(1M)

These commands do not manage group information in

the directory. Use ldapugadd, ldapugdel and

ldapugmod instead. See note below.

groupadd(1M),

groupdel(1M),

groupmod(1M)

You can use the LDAP User and Group command-line tools, ldapugadd, ldapugdel and

ldapugmod, to manage the user and group entries in your LDAP directory server. The syntax

for the LDAP tools is similar to the unsupported HP-UX tools, such as useradd, userdel,

usermod,..etc. For more information about tool usage, syntax, options and environment variables

supported by the LDAP tools, refer to the manpages, ldapugadd(1M), ldapugdel(1M) and

ldapugmod(1M).

26 LDAP-UX Client Services