HP UX LDAP-UX Integration Software manual Ldap Data Interchange Format Ldif, Glossary 195

Page 209

Glossary

See also the Glossary in the Netscape Directory Server for HP-UX Administrator’s Guide available at http://docs.hp.com/hpux/internet.

Access Control Instruction A specification controlling access to entries in a directory.

Access Control List One or more ACIs.

ACI See See Access Control Instruction

IETF Internet Engineering Task Force; the organization that defines the LDAP specification. See http://www.ietf.org.

Configuration profile An entry in an LDAP directory containing information common to many clients, that allows clients to access user, group and other information in the directory. Clients download the profile from the directory.See also See also Client Configuration File.

DIGEST-MD5Message Digest version 5. It is a one-way hash function and always generates 20 bytes of output from text data.

LDAP See See Lightweight Directory Access Protocol

LDIF See See LDAP Data Interchange Format

LDAP Data Interchange Format (LDIF)

The format used to represent directory server entries in text form.

Lightweight Directory Access Protocol (LDAP) A standard, extensible set of conventions specifying communication between clients and servers across TCP/IP network connections.See also See also

SLAPD.

Name Service Switch (NSS) A framework that allows a host to get name information from various sources such as local files in /etc, NIS, NIS+, or an LDAP directory without modifying applications. See switch(4) for more information.

Network Information Service (NIS) A distributed database system providing centralized management of common configuration files, such as /etc/passwd and /etc/hosts.

NIS See See Network Information Service

NSS See See Name Service Switch

PAM See See Pluggable Authentication Mechanism

PAM Authorization Service Module

See The PAM Authorization Service Module allows the administrator to control which user subgroups of a large repository can login to the system pam_authz(5).

Pluggable Authentication Module (PAM) A framework that allows different authentication service modules to be made available without modifying applications. See pam_ldap(5), pam(3), and pam.conf(4) for more information.

Profile See See Configuration profile

RFC Request for Comments; a document and process of standardization from the IETF.

RFC 2307 The IETF specification for using LDAP as a Network Information Service. See http://www.ietf.org/rfc/rfc2307.txt.

Glossary

195

Page 208 Page 210
Image 209
Page 208 Page 210
Contents Manufacturing Part Number J4269-90071 E0207 EditionLegal Notices Contents Administering LDAP-UX Client Services Command and Tool Reference User Tasks Tables Viii Figures Figures New and Changed Documentation in This Edition Intended AudienceWhat’s in This document Publishing HistoryXiii HP Encourages Your Comments Typographical ConventionsChapter Overview of LDAP-UX Client ServicesSimplified NIS Environment Overview of LDAP-UX Client ServicesTraffic from replica updates How LDAP-UX Client Services WorksSimplified LDAP-UX Client Services Environment IntroductionThat use PAM and NSS Examples of Commands and SubsystemsCommands that use Commands that use PAM Login, ftpd Ls, who Overview of LDAP-UX Client Services Local Start-up File and the Configuration Profile Overview of LDAP-UX Client Services Chapter Before You Begin LDAP-UX Client ServicesSummary of Installing and Configuring Summary of Installing and ConfiguringOptionally modify the /etc/opt/ldapux/pamauthz.policy Plan Your Installation Plan Your InstallationStill log in to the system Share user names and passwords with other applications, Example Directory Structure Plan Your Installation Plan Your Installation Section must be set to yes. If the start option is enabled, Plan Your Installation Install LDAP-UX Client Services on a Client Install LDAP-UX Client Services on a ClientStep Configure Your DirectoryConfigure Your Directory Configure Your Directory Grant read access of all attributes of the posix schema Configure Your Directory Import Name Service Data into Your Directory Import Name Service Data into Your DirectoryDirectory Steps to Importing Name Service Data into YourConfigure the LDAP-UX Client Services Configure the LDAP-UX Client ServicesConfigure the LDAP-UX Client Services Quick Configuration Required to start the services Simple Sasl DIGEST-MD5 Configuration Parameter Default Values Configure the LDAP-UX Client Services Custom Configuration Specify up to three directory hosts, to be searched in order Specify the service you want to map? Specify the attribute you want to map You type 0 to exit this menu for the following question Answer Y instead of the default N For the question You want to create a custom search descriptor for Configure the LDAP-UX Client Serivces with SSL Support Configure the LDAP-UX Client Serivces with SSL SupportSteps to Download the CA Certificate from Mozilla Browser Configuring the LDAP-UX Client to Use SSLMail users, and Trust the CA to identify software developers Use the rm command to remove the old database files Steps to create database files using the certutil utilityConfigure the LDAP-UX Client Serivces with SSL Support Configure LDAP-UX Client Services with Publickey Support Configure LDAP-UX Client Services with Publickey SupportOctober Enhanced Publickey-LDAP Software for HP-UX 11i v1 orJune Configuring an Admin Proxy User Using ldapproxyconfig Extending the Publickey Schema into Your DirectoryAdmin Proxy User Password for an Admin Proxy User Setting ACI for Key ManagementSetting ACI for an Admin Proxy User An ExampleSetting ACI for a User Configuring serviceAuthenticationMethodProcedures Used to Configure serviceAuthenticationMethod Authentication MethodsServiceAuthenticationMethodkeyservsasl/digest-md5 Configuring Name Service Switch Configure LDAP-UX Client Services with Publickey Support AutoFS Support Automount SchemasAutoFS Patch Requirement AutoFS SupportSchema New Automount SchemaAn Example NisObject Automount Schema Limitations Obsolete Automount SchemaRemoving The Obsolete Automount Schema Attribute Mappings New Automount Attribute NisObject Automount Attribute MappingsEnvironment Variables AutoFS Migration ScriptsMigration Scripts Description General Syntax For Migration Scripts ExamplesSyntax Migrateautomount.pl ScriptAutoFS Support Following shows the /tmp/autoindirect.ldif file Migratenisautomount.pl ScriptFollowing shows the nispautomap.ldif file Migratenispautofs.pl ScriptVerify the LDAP-UX Client Services Verify the LDAP-UX Client ServicesMaking sure the output is as expected Verify the LDAP-UX Client Services #cat /etc/nsswitch.conf Configure Subsequent Client Systems Configure Subsequent Client SystemsChange the current configuration Download the Profile Periodically Download the Profile PeriodicallyCrontab crontab.profile #passwordas = Use r-command for PamldapUse r-command for Pamldap Password, and turning on the rcommand option for pamldap Use r-command for Pamldap Chapter Ldap Printer Configurator Overview OverviewDefinitions System How the Ldap Printer Configurator works How the Ldap Printer Configurator worksSystem administrator manually adds or removes printers to Printer Configurator Architecture Printer Configuration Parameters Printer Configuration ParametersAn Example Printer SchemaPrinter Schema Printer Schema Example Managing the LP printer configurationManaging the LP printer configuration Managing the LP printer configuration Managing the LP printer configuration Limitations of Printer Configurator Limitations of Printer ConfiguratorLimitations of Printer Configurator Chapter Administering LDAP-UX Client Overview Using The LDAP-UX Client DaemonUsing The LDAP-UX Client Daemon Starting the client LdapclientdControlling the client Client Daemon performanceDiagnostics Command optionsConfiguration file syntax Missing settingsLdapclientd.conf Opt/ldapux/config/setup Using The LDAP-UX Client Daemon 100 Chapter 101 102 Chapter 103 Configuration File Features and Limitations Integrating with Trusted ModeIntegrating with Trusted Mode AuditingPassword and Account Policies Chapter 107 PAM Configuration FileOthers Configuration Parameter Policy And Access Rules Pamauthz Login Authorization EnhancementPamauthz Login Authorization Enhancement Chapter 109Pamauthz Environment How Login Authorization WorksChapter 111 Policy FileFields in an Access Rule Constructing an Access Rule in pamauthz.policyField Syntax in an Access Rule ActiontyperuleChapter 113 Action No value is requiredChapter 115 116 Chapter 117 Policy ValidatorAn Example of /etc/opt/ldapux/pamauthz.policy File Adding a Directory ReplicaAdding a Directory Replica Chapter 119 Displaying the Proxy User’s DNDisplaying the Proxy User’s DN Creating a New Proxy User Verifying the Proxy UserExample Verifying the Proxy UserCreating a New Profile Displaying the Current ProfileDisplaying the Current Profile Chapter 121Modifying a Profile Changing Which Profile a Client Is UsingModifying a Profile Access Changing from Anonymous Access to ProxyChanging from Proxy Access to Anonymous Access Changing from Anonymous Access to Proxy AccessChanging from Proxy Access to Anonymous Access Minimizing Enumeration Requests Performance ConsiderationsPerformance Considerations Chapter 125Client Daemon Performance Client Daemon PerformanceLdapclientd Caching Chapter 127 Map Name Benefits Example Side-Effect128 Chapter 129 Ldapclientd Persistent Connections Troubleshooting TroubleshootingEnabling and Disabling LDAP-UX Logging Chapter 131TIP Enabling and Disabling PAM LoggingChapter 133 Netscape Directory Server Log FilesUser Cannot Log on to Client System 134 Chapter 135 You should get output like the following136 Chapter 137 Command and Tool ReferenceLDAP-UX Client Services Components Description LDAP-UX Client Services ComponentsLDAP-UX Client Services Components Chapter 139 LDAP-UX Client Services ComponentsComponent Description PA machine Files Description LDAP-UX Client Services Libraries on the HP-UX 11.0 or 11iChapter 141 LDAP-UX Client Services Libraries on the HP-UX 11i v2 PAMachine Files Description LDAP-UX Client Services Libraries on the HP-UX 11i v2 IA Createprofileentry Tool Client Management ToolsCreateprofilecache Tool Client Management ToolsDisplayprofilecache Tool Createprofileschema ToolChapter 145 Getprofileentry ToolGetprofileentry -s NSS Ldapproxyconfig ToolChapter 147 File148 Chapter 149 Beq Search Tool Beq Search ToolSyntax Chapter 151 Examples152 Chapter 153 Uid2dn ToolLdap Directory Tools Ldap Directory ToolsGetattrmap.pl Tool Chapter 155 Ldapentry156 Chapter 157 LdapsearchLdapmodify Ldapdelete Certutil Chapter 159 Adding One or More UsersAdding One or More Users Name Service Migration Scripts Name Service Migration ScriptsDefault Naming Context Naming ContextChapter 161 Migrating All Your FilesMigrating Individual Files Migration Scripts Script Name Description General Syntax for Perl Migration ScriptsMigration Scripts Chapter 163 Script Name Description164 Chapter 165 Ldappasswd Command Ldappasswd CommandChapter 167 168 Chapter 169 To Change PasswordsCannot Change Passwords on Replica Servers To Change PasswordsChapter 171 172 Chapter 173 To Change Personal InformationTo Change Personal Information 174 Chapter 175 Mozilla Ldap C SDK176 Mozilla Ldap C SDK File Components Mozilla Ldap C SDK File ComponentsMozilla Ldap C SDK File Components on the PA machine Files DescriptionMozilla Ldap C SDK File Components on the IA machine Chapter 179 Header Files Description Mozilla Ldap C SDK API Header FilesChapter 181 182 Appendix a 183 Table A-1 LDAP-UX Client Services Configuration WorksheetAppendix a Appendix a 185 186 Appendix B 187 ClassesAppendix B Profile AttributesProfile Attributes Appendix B 189 190 Appendix C 191 fileAppendix C Sample /etc/pam.ldap.trusted fileAppendix C 193 194 Glossary PAM Authorization Service ModuleLdap Data Interchange Format Ldif Glossary 195Glossary SlapdIndex SymbolsNIS, 2, 12, 15 Pwget, 4, 69 200
Related manuals
Manual 26 pages 60.39 Kb Manual 65 pages 7.83 Kb
Top Page Image Contents