Manualshelf

LDAP-UX Integration B.05.01 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
21222324252627282930
For users having the same user name in multiple domains, LDAP-UX may return user data from
a different domain if the original domain controller fails
A user may not be able to change their password if his/her uid number is not unique in the
forest
2.7.8 Limitations of printer configurator
The new LDAP printer schema based on /etc/opt/ldapux/schema/RFC3712.xml is
imported into the HP-UX Directory Server to create the printer objects.
The LDAP-UX Client Services only supports the HP LP spooler system, network printers, and
printer servers that support the Line Printer Daemon (LPD) protocol. The printer configurator
does not support local printers.
In a global management environment, it is hard to determine a default printer for the individual
client system. The LDAP printer configurator treats every printer entry as the regular printer.
The administrator or user is required to manually select a printer as a default printer for the
client system.
2.7.9 Unsupported commands
The following HP-UX commands currently do not work with LDAP-UX Client Services:
Table 3 Unsupported HP-UX Commands
Does not change the “finger information for users in the
directory. For more information, see the finger(1) manpage.
chfn(1)
Does not change the login shell for users in the directory.chsh(1)
The System Administration Manager (SAM) does not
manage name service information in the directory.
However, the System Management Homepage, smh(1M),
provides similar capabilities in HP-UX 11i v3 with full and
integrated support for LDAP.
sam(1M)
These commands do not manage user information in the
directory. However, similar commands, ldapugadd,
ldapugdel, and ldapugmod support LDAP user and
group operations with similar parameters.
useradd(1M),
userdel(1M),
usermod(1M)
These commands do not manage group information in the
directory. However, similar commands, ldapugadd,
ldapugdel, and ldapugmod support LDAP user and
group operations with similar parameters.
groupadd(1M),
groupdel(1M),
groupmod(1M)
Additional tools are available to perform management in the LDAP directory and include:
ldaphostmgr, ldaphostlist, ldapmodify, ldapsearch, ldapdelete, and ldapentry.
2.7.10 Clear text passwords
login(1), passwd(1) and ldappasswd(1) transmit passwords in clear text (unencrypted) over the
network unless SSL, TLS, or SASL Digest-MD5 authentication is enabled with setup. To support
SASL/DIGEST-MD5, some directory server products (including HP-UX Directory Server) store the
password in clear text. By default, when using customized install mode, SSL and SASL/DIGEST-MD5
authentication is disabled. Using SSL or TLS (a default when using guided installation mode) allows
passwords to be stored in any format on the directory server (including the Salted Secure Hash
Algorithm, SSHA), and also protects password transmission over the network.
22 LDAP-UX Client Services