Manualshelf

LDAP-UX Integration B.05.00 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
12345678910
2 LDAP-UX Client Services
This section contains the following information about LDAP-UX Client services B.05.00:
What’s New in LDAP-UX Client Services B.05.00
Known Problems Fixed in LDAP-UX Client Services
Compatibility and Installation Requirements for LDAP-UX Client Services
Documentation
Known Problems and Workarounds
Limitations in LDAP-UX Client Services
2.1 What’s new in LDAP-UX Client Services B.05.00
LDAP-UX Client Services B.05.00 is a major update to the LDAP-UX Integration product. Several
new features are added to this release to greatly enhance management of enterprise computing
centers and to help comply with strict security requirements:
Automated setup (simplified guided installation mode)
This release provides automated setup, which allows HP-UX to be quickly configured to
integrate into an LDAP directory server for centralized identity and OS management. Guided
installation mode allows for one-step integration into a Windows domain or LDAP-UX
domain. Guided installation mode can also provision a new HP-UX Directory instance with
a pre-created management domain.
SSH Host Key Management
LDAP-UX can be used to centrally manage public keys for HP Secure Shell (ssh) hosts. By
provisioning host public keys into the directory server, trust between hosts and users can
be pre-established, eliminating the man-in-the-middle threats. Additionally, LDAP-UX
allows for central management of ssh configuration parameters.
NOTE: This feature is not supported when using LDAP-UX Client Services with Windows
ADS.
Offline Credential Caching
LDAP-UX can use locally cached user, group, and authentication credentials when contact
with the directory server is lost, providing high availability for the OS and its applications.
For patch requirements, see Section 2.2.1.5 (page 12)
IPv6 support
LDAP-UX OS integration and management tools can now connect to directory servers
through IPv6 addressing.
compat mode performance enhancement
For organizations that rely on the legacy netgroup /etc/passwd filtering, the compat mode
performance enhancement significantly improves performance when numerous and large
netgroups are used in the /etc/passwd file for controlling passwd fields.
Local-only profile support
The centrally managed LDAP-UX configuration profile uses a schema defined by RFC 4876.
For environments where modification of the directory server schema is not allowed and
new schema cannot be installed, the local-only profile allows LDAP-UX to manage
configuration on the local hosts instead of the directory server. You need to use the -l
option with the customized setup program to obtain this feature.
2.1 What’s new in LDAP-UX Client Services B.05.00 9