Manualshelf

Preparing your LDAP Directory for HP-UX Integration

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
12345678910
4
Some of the main features and caveats of the NIS/LDAP Gateway are:
Features
Supports NIS Clients: By supporting the NIS version 2 protocol, the NIS/LDAP Gateway can serve
requests from any NIS version 2 client. This means the NIS/LDAP Gateway can support HP-UX 10.20
and higher clients, and others. If you have an existing NIS infrastructure, you can migrate to LDAP
with less effort using the NIS/LDAP Gateway.
Supports all common NIS databases: The NIS/LDAP Gateway fully supports the RFC 2307 schema.
This means that any NIS database can be stored in and retrieved from an LDAP directory. However, in
some cases this can be a challenge, such as with the netgroup database (see "Netgroups, Issues and
Limitations" on page 33 for more information.)
Caches data: The NIS/LDAP Gateway caches data on the gateway server. This not only improves
performance for NIS clients, but also greatly reduces demands on the LDAP server. If you are restricted
to have a limited number of LDAP servers, the NIS/LDAP Gateway can act as a front end to those
servers, distributing the request load.
No changes required on client: As long as you are currently using an NIS environment today, you can
swap in a NIS/LDAP Gateway server in your environment, without requiring changes to your clients.
Available Today: The NIS/LDAP Gateway server is available for the HP-UX 10.20 operating system
today. The NIS/LDAP Gateway is targeted to be available on HP-UX 11.00 in the first half of 2000.
Caveats
Passwords stored in "crypt" format: In order to maintain full support for NIS and existing HP-UX
applications, account passwords must be stored in the LDAP directory in Unix "crypt" format. If your
directory server does not understand this hashing syntax, this requirement may limit the ability to
integrate other LDAP enabled applications with HP-UX. For example, a user using an LDAP enabled
email application would not be able to login to his email system using the same password as he uses for
his HP-UX account.
Does not support yppasswdd: NIS clients can change their passwords in the NIS database thanks to
the yppasswdd daemon. Since the password is no longer stored in an NIS database, this daemon is not
supported by the NIS/LDAP gateway. Users can still change their passwords through the provided
ldappasswd tool or other means (such as a LDAP administration web page.)
Data modification latency: Because the NIS/LDAP Gateway caches data, any changes to the LDAP
directory will not be immediately visible to the client. This latency depends on the configuration of the