Preparing your LDAP Directory for HP-UX Integration
Gateways cache timer. With one exception, this latency is eliminated when a user changes his/her
password, but only when using the ldappasswd tool.
LDAP-UX Client Services
The LDAP-UX Client Services product is installed directly on an HP-UX client. All user and group name
service requests are routed through the "Name Service Switch" and then directly to the LDAP directory. In
addition to name services, the LDAP-UX Client Services product also supports the PAM
(Pluggable Authentication Module) architecture.
Features
• Supports PAM architecture: By supporting the PAM architecture, the HP-UX client becomes truly
integrated in the LDAP environment. The PAM_LDAP library allows the HP-UX system to use the
LDAP directory as a trusted server for authentication. This means not only that passwords may be
stored in any syntax (as mentioned in the "crypt" issue above) but also that passwords may
remain hidden from view (preventing a decryption attack on the hashed passwords). Because passwords
can be stored in any syntax, HP-UX will be able to share passwords with other LDAP enabled
applications.
• No data update latency: Because LDAP-UX Client Services retrieves data directly from the LDAP
directory, without caching, updates to information in the LDAP database are visible immediately to the
HP-UX system.
• Profile based configuration: Helping to reduce administration costs, the LDAP-UX Client Services
product is designed to retrieve its configuration data directly from the LDAP directory. This
configuration data is stored in a profile, which can be shared among many clients. This not only reduces
installation time, but also allows a single change in the profile to re-configure all clients that use that
same profile.
• Integrated password changes: As opposed to the NIS/LDAP Gateway, and thanks to the PAM
architecture, users can change their passwords seamlessly on the HP-UX client.
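The "Supports PAM architecture" point above, as an added toy model in Python (not HP or LDAP-UX code): ToyDirectory, its two hash schemes and every function name are constructed for illustration, and the server-side check is modelled here as a bind-style call. It shows why a client that verifies hashes itself needs them readable and in a syntax it understands, while delegating the check to the directory needs neither.

```python
import hashlib
import hmac
import os

def _hash(scheme, salt, password):
    """Two storage syntaxes, standing in for 'any syntax' on the page."""
    if scheme == "pbkdf2":
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)
    if scheme == "ssha256":
        return hashlib.sha256(password.encode() + salt).digest()
    raise ValueError(f"unknown scheme: {scheme}")

class ToyDirectory:
    """Constructed in-memory stand-in for a directory server (not a real LDAP API)."""

    def __init__(self, hashes_readable):
        self.hashes_readable = hashes_readable  # models the ACL on the password attribute
        self._entries = {}

    def add_user(self, uid, password, scheme):
        salt = os.urandom(16)
        self._entries[uid] = (scheme, salt, _hash(scheme, salt, password))

    def read_password_attr(self, uid):
        """Name-service style lookup: hands the hash to the client if the ACL allows."""
        return self._entries.get(uid) if self.hashes_readable else None

    def bind(self, uid, password):
        """Server-side check: scheme, salt and hash never leave the directory."""
        entry = self._entries.get(uid)
        if entry is None:
            return False
        scheme, salt, stored = entry
        return hmac.compare_digest(stored, _hash(scheme, salt, password))

def client_side_auth(directory, uid, password, client_scheme="ssha256"):
    """Client compares hashes itself: needs a readable hash in a syntax it knows."""
    entry = directory.read_password_attr(uid)
    if entry is None or entry[0] != client_scheme:
        return False
    _, salt, stored = entry
    return hmac.compare_digest(stored, _hash(client_scheme, salt, password))

def directory_auth(directory, uid, password):
    """PAM-style flow in this model: delegate the decision to the directory."""
    return directory.bind(uid, password)
```
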
Caveats
• Limited database support: The initial version of the LDAP-UX Client Services product will only
support the passwd, group and shadow databases. If you use NIS and choose to use other databases in
your network (such as netgroup or services), your environment may be better suited to the NIS/LDAP
Gateway product. However, in many cases the functionality and features an NIS environment can be