ldapux.5 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

ldapux(5) ldapux(5)

NAME

ldapux - overview of LDAP-UX

DESCRIPTION

LDAP-UX is a new service that allows administrators to use a LDAP directory server to store information

about users, groups and other system information.

This manpage provides general information about LDAP-UX: the name services available, unsupported

features for LDAP-UX, and where to ﬁnd detailed documentation on LDAP.

LDAP-UX Services

There are four services provided by LDAP-UX:

NSS_LDAP

, PAM_LDAP, PAM_AUTHZ, and NIS/LDAP

Gateway.

•

NSS_LDAP

A name service switch module that uses LDAP to retrieve system information from a directory server

using the getpwent (3C), getgrent (3C), gethostent (3N), getrpcent (3C), getservent (3N), getprotoent (3N),

getnetent (3N), and the getnetgrent (3C) families of calls. It uses the name

ldap when conﬁguring the

nsswitch.conf ﬁle (see nsswitch.conf(4)). A sample

nsswitch.conf

ﬁle named

/etc/nsswitch.ldap

is delivered with the LDAP-UX product. For more details, see

nsswitch.conf (4).

•

PAM_LDAP

A PAM(3) module that takes advantage of the authentication facility provided by the LDAP directory

server. It is conﬁgured in the /etc/pam.conf

ﬁle (see pam.conf (4)). A sample pam.conf ﬁle

named

/etc/pam.ldap is delivered with the LDAP-UX product. For more details, see

pam_ldap (5).

•

PAM_AUTHZ

The pam_authz service module for PAM provides functionality to allow the administrator to control

who can log into the system based on netgroup information found in the /etc/passwd ﬁle or the

access rules deﬁned in the access policy ﬁle, /etc/opt/ldapux/pam_authz.policy

.For

detailed information, see pam_authz (5).

•

NIS/LDAP Gateway

A service that provides translation of NIS requests to LDAP requests. For more details, see

ypldapd (8).

Unsupported Features

Although

NSS_LDAP and PAM_LDAP support most uses of the user and group data, the following com-

mands are not supported when using LDAP-UX:

chsh not supported for LDAP-UX.

chfn not supported for LDAP-UX.

passwd only supported with PAM_LDAP, not supported for NSS_LDAP.

LDAP-UX Documentation

Conﬁguration of LDAP-UX is described in the documentation provided in its

readme ﬁle and is accom-

plished through the use of the setup program (located in the /opt/ldapux/config directory). See

also /opt/ldapux/README.

For details, see Installing and Administering LDAP-UX Client Services and LDAP-UX Client Services

Release Notes at

http://www.hp.com/go/hpux-security-docs

See the manuals (5) man page

for ordering information.

FILES

/etc/nsswitch.conf conﬁguration ﬁle for nsswitch

/etc/nsswitch.ldap example conﬁguration ﬁle for nsswitch using ldap

/etc/pam.conf conﬁguration ﬁle for PAM

/etc/pam.ldap example conﬁguration ﬁle for PAM using pam_ldap

/opt/ldapux/config directory containing conﬁguration tools for LDAP-UX

Summary of content (2 pages)

PAGE 1
ldapux(5) ldapux(5) NAME ldapux - overview of LDAP-UX DESCRIPTION LDAP-UX is a new service that allows administrators to use a LDAP directory server to store information about users, groups and other system information. This manpage provides general information about LDAP-UX: the name services available, unsupported features for LDAP-UX, and where to find detailed documentation on LDAP. LDAP-UX Services There are four services provided by LDAP-UX: NSS_LDAP, PAM_LDAP, PAM_AUTHZ, and NIS/LDAP Gateway.
PAGE 2
ldapux(5) ldapux(5) Product documentation at: /opt/ldapux/README. Online LDAP manuals at http://docs.hp.