Manualshelf

LDAP-UX Integration B.05.01 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
21222324252627282930
NOTE: The NIS/LDAP Gateway is not supported with Windows ADS.
3.1.6 Configuration quick start
If your NIS maps have been migrated to an LDAP directory, you can set up a ypldapd server
with only a few steps. (The ypldapd product is not supported with Windows ADS.) If you have
not migrated your NIS maps to the LDAP directory, see Installing and Administering NIS/LDAP
Gateway.
If you have already configured other NIS/LDAP Gateway servers on other systems, you can
simply duplicate the configuration file /opt/ldapux/ypldapd/etc/ypldapd.conf on the local
system.
Otherwise, edit the file /opt/ldapux/ypldapd/etc/ypldapd.conf and add the appropriate
values according to the descriptions in the file. Minimally you will need to update the ypdomain,
ldaphost, basedn, binddn and bindcred parameters. If you have a large LDAP database and
you are using 11i v2 or v3 NIS clients, you should set preload_maps to preload_maps
group.bynam. The user you identify in the binddn must be an LDAP directory user that is
allowed to read the userPassword attribute.
If the NIS domain you use is the same as the domain being used by an existing NIS server,
you must stop and disable the NIS server. You can do this by executing the command
/sbin/init.d/nis.server stop to stop the NIS server. Then change
NIS_SLAVE_SERVER and NIS_MASTER_SERVER to 0 in the file /etc/rc.config.d/namesvrs.
Once your NIS/Gateway server is running, you can test your setup with a ypcat(1) command,
such as ypcat group. You may need to wait (up to a minute) as the ypbind(1M) process attempts
to find the new NIS/LDAP Gateway server. To avoid this wait, you can stop and restart the client
as follows before issuing the ypcat command:
/sbin/init.d/nis.client stop
/sbin/init.d/nis.client start
3.2 Installing and configuring LDAP Client administration tools
This section provides basic instructions for installing the LDAP Client Administration Tools. For
complete installation and configuration instructions, see the NIS/LDAP Gateway Administrator’s
Guide.
3.2.1 Configuration quick start
This product does not require any specific configuration. However, once you have installed the
product, read the file /opt/ldapux/bin/README-ADMIN for instructions on how to simplify LDAP
directory administration from your LDAP-UX or NIS/LDAP Gateway clients.
You may also wish to create a front-end script to the ldappasswd command, to hide the LDAP
directory from the average HP-UX user.
Below are two examples you can cut and paste into a passwd shell script and then modify for your
environment:
#!/usr/bin/ksh
/opt/ldapux/bin/ldappasswd -b "your_base_DN" -h "ldap_server_host_name" \
-p "ldap_port"
#!/usr/bin/ksh
/opt/ldapux/bin/ldappasswd -b "ou=people,o=hp.com" \
-h "dirserver.lab.hp.com" -p 389
3.3 Known problems and workarounds
Known Problem
3.2 Installing and configuring LDAP Client administration tools 27