Manualshelf

Preparing your LDAP Directory for HP-UX Integration

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
31323334353637383940
28
directory, a collision will occur.
Aside from the cn attribute being case-insensitive, so is the uid attribute used by the posixAccount object
class. The issues with uid are the same as for cn and /etc/group.
A couple options exist to resolve these conflicts:
The simplest option is to rename one of the groups or uids to eliminate all possible ambiguity.
If you are using the LDAP-UX Client Services product and you decide that you need to use a
case sensitive attribute, instead of cn or uid, this product does allow alternate attribute types to
be used through an attribute mapping feature. In this case, a new attribute type could be created
which is a case-exact-string. Then the cn or uid attribute in RFC 2307 could be mapped to the
new attribute. This feature is not available in the NIS/LDAP Gateway product.
One option that should not be considered would be to change the directory schema, changing cn or uid from
a case-ignore-string to a case-exact-string. This type of schema change would almost assuredly break other
LDAP-based applications.
HP-UX Syntax Requirements on RFC 2307 Data
The HP-UX operating system and customer applications have restrictions on the format and size of the
Posix data in the directory. Some of these restrictions are well defined, however others depend on the
applications used in your environment. If you are simply migrating existing data from NIS or the /etc/…
files, you should not have any issues with format or size limits, assuming your environment works correctly
today. However, an LDAP directory is not required to control the format of the directory data. Thus, when
new Posix data is introduced into the directory, it may break existing applications. This section provides
some guidelines to help prevent formatting problems.
String Size
The most likely attributes that could cause concerns are the uid and cn attributes. These two attributes are
used to represent the user's name and a group's name, respectively. HP-UX defines this limit to be at most 8
characters. For example, the "ls -l" listing will be poorly formatted with a longer name. Example:
# ll
total 6
-rw-rw-r-- 1 bobj sys 5 Oct 15 20:05 file1
-rw-rw-r-- 1 mr_long_namsys 4 Oct 15 20:05 file2
-rw-rw-r-- 1 root sys 7 Oct 15 20:05 file3
Just as important is the effect of large user names on customer or third party applications. An application
presented with a user uid name of 50 characters may abort.
The string size limitation is not a new problem when using LDAP as your naming service for HP-UX.
However, now that HP-UX will be integrating with other LDAP based applications in your directory, it is
more likely you may encounter this problem.