LDAP-UX Integration B.05.00 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

-i /etc/opt/ldapux/domain_profiles/ldapux_profile.ldif.eng.myorig.mycom.com \

-o /etc/opt/ldapux/domain_profiles/ldapux_profile.bin.eng.myorg.mycom.com"

PROFILE_ID="acct.myorg.mycom.com"

LDAP_HOSTPORT="192.10.10.12:389"

PROFILE_ENTRY_DN="cn=ldapuxprof,cn=configuration,dc=acct,dc=myorg,dc=mycom,dc=com"

PROGRAM="/opt/ldapux/config/create_profile_cache \

-i /etc/opt/ldapux/domain_profiles/ldapux_profile.ldif.acct.myorig.mycom.com \

-o /etc/opt/ldapux/domain_profiles/ldapux_profile.bin.acct.myorg.mycom.com"

After you update the product to version B.04.10 or later successfully, you have to execute

PROGRAM from the command line as follows:

# /opt/ldapux/config/create_profile_cache \

-i /etc/opt/ldapux/domain_profiles/ldapux_profile.ldif.eng.myorig.mycom.com\

-o /etc/opt/ldapux/domain_profiles/ldapux_profile.bin.eng.myorg.mycom.com

# /opt/ldapux/config/create_profile_cache \

-i /etc/opt/ldapux/domain_profiles/ldapux_profile.ldif.acct.myorig.mycom.com\

-o /etc/opt/ldapux/domain_profiles/ldapux_profile.bin.acct.myorg.mycom.com

Then you start or restart the client daemon, /opt/ldapux/bin/ldapclientd.

2.3.5 Removing the LDAP-UX Client Services

You can remove the LDAP-UX Client Services from your system using the SD-UX facility. See

the swremove(1M) man page for details.

1. Log in to your system as root.

2. Remove ldap references from /etc/nsswitch.conf and /etc/pam.conf.

3. Run swremove to remove the LDAP-UX Client Services product. For example:

On HP-UX 11i v2, run /usr/sbin/swremove J4269AA

On HP-UX 11i v3, run /usr/sbin/swremove LDAPUX

4. Remove the directories /etc/opt/ldapux and /opt/ldapux.

5. Edit the /etc/pam.conf file and remove all lines containing "libpam_ldap.so.1".

WARNING! If the LDAP-UX product is removed without completing Step 5 on HP-UX

11i v2 system, users will not be able to log onto the system.

Follow the following steps to resolve this problem:

1. Reboot the system in the single-user mode.

2. Execute the “mountall” command to mount the file system.

3. Complete operations specified in Step 5 above.

2.4 Problems fixed in this release

The following problems have been fixed in this release:

• LDAP-UX could close file descriptors of a recently forked process.

• ldapugdel -O would remove description attribute

• ldapugdel -O would not remove msSFU attributes

• Hang in pam_authz if a the LDAP server went down during policy evaluation

• Setup would not handle a directory server that did not have a host name, if only specified

using the IP address.

• Programs calling PAM functions would abort if the libpam_authz library was used and

the pam_authz.policy ended with backslash

• The setup utility would report an error when attempting to discover installed schema on

Tivoli Directory Server.

• ldap_proxy_config would not properly report that a proxy user credential was invalid

if either the specified proxy user name or password was blank.

16 LDAP-UX Client Services