Manualshelf

LDAP-UX Integration B.05.01 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
11121314151617181920
D.01.25 or higher for HP-UX 11i v3
If you wish to also use SASL/GSSAPI for proxied authentication, version 1.6.2.05 or later of the
Kerberos Client product is required, which is a replacement for the KRB5-Client components of the
core HP-UX OS. More specifically, HP-UX 11i v2 requires Kerberos v5 Client product D.1.6.2.05
or higher, and HP-UX 11i v3 requires Kerberos v5 Client product E.1.6.2.05 or higher.
Please also note that the KRB5CLIENT product is a superior product to previous KRB5-Client patches
(such as PHSS_36286). Although patch PHSS_36286 is required, and designed to install over
the core Kerberos client patch, it will not overwrite the KRB5CLIENT product.
Note that the autosetup program checks for the PAM-Kerberos product 1.25 or higher, and Kerberos
v5 Client product 1.6.2.05 or higher.
Both "PAM Kerberos" (J5849AA) and "Kerberos Client" (KRB5CLIENT) products can be downloaded
from http://software.hp.com. They are available at: http://
software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J5849AA and
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRB5CLIENT.
2.4 Installing and configuring the LDAP-UX Client Services
This section provides basic instructions for installing and configuring the LDAP-UX Client Services.
For complete installation and configuration instructions, see the LDAP-UX Client Services B.05.01
Administrator Guide.
2.4.1 Installing the LDAP-UX Client Services
Use the SD-UX facility for installation. For more information, see the swlist(1M) manpage.
1. Log in to your system as root.
2. Run swinstall and install the LDAP-UX Client Services (LdapUxClient subproduct). It installs
the product software in /opt/ldapux and /etc/opt/ldapux directories.
3. If you require ONC publickey, ONC AutoFS, or integration with Active Directory Server,
please see the above section for details about required product versions and how to obtain
them. Install those products and/or patches for this step.
4. Install required patches listed above, if they have not been installed yet.
NOTE: Starting with the LDAP-UX product version B.03.20 or later, system reboot is not required
after installing the product. Although a reboot may be required depending on the patches that are
installed at the same time as this product
2.4.2 Configuring the LDAP-UX Client
LDAP-UX B.05.00 introduces a new method for configuring LDAP-UX, known as guided installation.
This mode greatly simplifies the LDAP-UX installation process, but also makes several configuration
decisions for you. And if you do not already have a directory server in your environment, and
have HP-UX Directory server installed, guided installation mode will create and configure a new
directory server instance for you.
If you already have a directory server running and you want to enable SSL or TLS support with
LDAP-UX, you must configure the LDAP directory server to support SSL or TLS, and install the security
databases (cert8.db and key3.db) on your client before you run the setup program. For
information about SSL or TLS configuration, see the LDAP-UX Client Services B.05.01 Administrator
Guide .
If your browser does not generate cert8.db and key3.db security database files, you must
export the certificate (preferably the root certificate of the Certificate Authority that signed the LDAP
server’s certificate) from your certificate server as a Base64-Encoded certificate and use the
certutil utility to create the cert8.db and key3.db security database files. For information
about preinstalling CA certificates in the /etc/opt/ldapux/cert8.db and /etc/opt/
12 LDAP-UX Client Services