LDAP-UX Integration B.04.20 Release Notes (June 2009)

Installing and Configuring LDAP Client Administration Tools
This section provides basic instructions for installing the LDAP Client Administration Tools. For
complete installation and configuration instructions, see the NIS/LDAP Gateway Administrator’s Guide.
Configuration Quick Start
This product does not require any specific configuration. However, once you have installed the
product, read the file /opt/ldapux/bin/README-ADMIN for instructions on how to simplify
LDAP directory administration from your LDAP-UX or NIS/LDAP Gateway clients.
You may also wish to create a front-end script to the ldappasswd command, to hide the LDAP
directory from the average HP-UX user.
Below are two examples you can cut and paste into a passwd shell script and then modify for
your environment:

#!/usr/bin/ksh
/opt/ldapux/bin/ldappasswd -b "your_base_DN" -h "ldap_server_host_name" \
-p "ldap_port"

#!/usr/bin/ksh
/opt/ldapux/bin/ldappasswd -b "ou=people,o=hp.com" \
-h "dirserver.lab.hp.com" -p 389

Known Problems and Workarounds
Known Problem
If the NIS Client is on the same box as ypldapd, it can bind to the wrong server.
Workaround
If you want NIS Clients to bind to a specific ypldapd or NIS Server, configure your client’s box
as follows: Specify "YPSET_ADDR=machines name" in the /etc/rc.config.d/namesrvs
file.
Limitations in NIS/LDAP Gateway
The following are limitations in this version of the NIS/LDAP Gateway.
Crypt Passwords
The NIS/LDAP Gateway product requires that user passwords be stored in the directory
server in the same format as stored in an /etc/passwd file. This is known as “Unix Crypt”
format. If your directory server does not understand the {crypt} data type, you can still use
the NIS/LDAP Gateway server. However, these users will not be able to authenticate to the
directory server. One side effect is that users will not be able to change their own passwords
(although a directory administrator could accomplish this on a user’s behalf). Also, other
LDAP-enabled applications may not work correctly.
Modifying Data in the Directory
You cannot use the chfn(1), chsh(1), and passwd(1) commands to modify data in the
directory.
NIS and NIS/LDAP Gateway
You cannot run an NIS server (ypserv) and an NIS/LDAP Gateway server (ypldapd)
simultaneously on the same system.
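
For the Crypt Passwords limitation above, the following is an added example (not part of these release notes or of the LDAP-UX product) that audits an LDIF export and flags userPassword values that are not stored with the {crypt} prefix. The sample entries are constructed; it assumes unfolded LDIF lines, a base64 utility that accepts -d, and that the scheme prefix can be compared case-insensitively.

```shell
#!/bin/sh
# Added example: audit an LDIF export for userPassword values that are not
# stored in {crypt} format. All entries below are constructed sample data.

# pw_scheme VALUE: print the lowercased scheme prefix of a password value
# (case-insensitive comparison of the prefix is an assumption).
pw_scheme() {
    case $1 in
        "") echo unreadable ;;
        "{"*"}"*) printf '%s\n' "$1" |
                  sed 's/^{\([^}]*\)}.*/\1/' | tr '[:upper:]' '[:lower:]' ;;
        *) echo noprefix ;;
    esac
}

# audit_ldif: read LDIF on stdin, print "<OK|REVIEW> <scheme> <dn>" per value.
# Assumptions: attribute spelled userPassword, no folded lines, and a
# base64 utility that accepts -d for "userPassword::" values.
audit_ldif() {
    dn=""
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            "dn: "*) dn=${line#dn: }; continue ;;
            "userPassword:: "*)
                val=$(printf '%s' "${line#userPassword:: }" |
                      base64 -d 2>/dev/null) || val="" ;;
            "userPassword: "*) val=${line#userPassword: } ;;
            *) continue ;;
        esac
        scheme=$(pw_scheme "$val")
        if [ "$scheme" = crypt ]; then status=OK; else status=REVIEW; fi
        printf '%s %s %s\n' "$status" "$scheme" "$dn"
    done
}

# Constructed sample export (not real accounts or hashes).
sample_ldif() {
    cat <<'EOF'
dn: uid=alice,ou=people,o=example.com
userPassword: {crypt}ab01FAX.bQRSU

dn: uid=bob,ou=people,o=example.com
userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=

dn: uid=carol,ou=people,o=example.com
userPassword: {CRYPT}xy9pQzR1T0mAc
EOF
}
sample_ldif | audit_ldif
```

Entries reported as REVIEW are the ones whose passwords are not in the Unix Crypt format that the Crypt Passwords limitation refers to.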