HP-UX Reference (11i v3 07/02) - 5 Miscellaneous Topics (vol 9)
l
ldapux(5) ldapux(5)
NAME
ldapux - overview of LDAP-UX
DESCRIPTION
LDAP-UX is a new service that allows administrators to use a LDAP directory server to store information
about users, groups and other system information.
This manpage provides general information about LDAP-UX: the name services available, unsupported
features for LDAP-UX, and where to find detailed documentation on LDAP.
LDAP-UX Services
There are four services provided by LDAP-UX: NSS_LDAP
, PAM_LDAP, PAM_AUTHZ, and NIS/LDAP
Gateway
.
• NSS_LDAP
A name service switch module that uses LDAP to retrieve system information from a directory server
using the getpwent(3C), getgrent(3C), gethostent(3N), getrpcent(3C), getservent (3N), getprotoent (3N),
getnetent(3N), and the getnetgrent(3C) families of calls. It uses the name
ldap when configuring the
nsswitch.conf file (see nsswitch.conf(4)). A sample
nsswitch.conf file named
/etc/nsswitch.ldap
is delivered with the LDAP-UX product. For more details, see
nsswitch.conf(4).
•
PAM_LDAP
A PAM(3) module that takes advantage of the authentication facility provided by the LDAP directory
server. It is configured in the /etc/pam.conf
file (see pam.conf(4)). A sample pam.conf file
named
/etc/pam.ldap is delivered with the LDAP-UX product. For more details, see pam_ldap(5).
•
PAM_AUTHZ
The pam_authz service module for PAM provides functionality to allow the administrator to control
who can log into the system based on netgroup information found in the /etc/passwd file or the
access rules defined in the access plicy file,
/etc/opt/ldapux/pam_authz.policy
.For
detailed information, see pam_authz(5).
•
NIS/LDAP Gateway
A service that provides translation of NIS requests to LDAP requests. For more details, see ypldapd(8).
Unsupported Features
Although
NSS_LDAP and PAM_LDAP support most uses of the user and group data, the following com-
mands are not supported when using LDAP-UX:
chsh not supported for LDAP-UX.
chfn not supported for LDAP-UX.
passwd only supported with PAM_LDAP, not supported for NSS_LDAP.
LDAP-UX Documentation
Configuration of LDAP-UX is described in the documentation provided in its
readme file and is accom-
plished through the use of the
setup program (located in the /opt/ldapux/config
directory). See
also /opt/ldapux/README.
For details, see Installing and Administering LDAP-UX Client Services and LDAP-UX Client Services
Release Notes at
http://docs.hp.com/hpux/internet
. See the manuals(5) man page for order-
ing information.
FILES
/etc/nsswitch.conf configuration file for nsswitch
/etc/nsswitch.ldap example configuration file for nsswitch using ldap
/etc/pam.conf configuration file for PAM
/etc/pam.ldap example configuration file for PAM using pam_ldap
/opt/ldapux/config
directory containing configuration tools for LDAP-UX
SEE ALSO
ldapentry(1), ldapclientd(1M), getpwent(3C), getgrent(3C), pam(3), ldapclientd.conf(4), nsswitch.conf(4),
pam_ldap(5), ypldapd(8).
230 Hewlett-Packard Company − 1 − HP-UX 11i Version 3: February 2007