HP UX LDAP-UX Integration Software manual White Paper

Contents White Paper Copyright Notices Legal NoticesIntroduction PAM and NSS HP-UX and Windows 2000 Integration ProductsPAM Kerberos Services for Unix SFU Kerberos ServicesWindows Active Directory ADNIS Server NIS Integration How HP-UX and Windows 2000 Products IntegrateHP-UX Client Windows 2000 ServerNIS+PAMKerberos HP-UX client HP-UX Client Windows 2000 Server Ldap IntegrationLdap + PAMKerberos HP-UX Client Windows 2000 Server NIS vs. Ldap Integration Benefits of Integration Common AuthenticationCommon Data Repository Single Point of Account ManagementInstall Active Directory into your Windows 2000 server Configuring Windows 2000 and HP-UX Using NIS IntegrationInstall SFU 2.0, including Server for NIS Add an account for HP-UX client machine to ADPAM Kerberos Configuration NIS Client ConfigurationCreate /etc/krb5.conf Add the Kerberos services to /etc/servicesAdd a host key to the /etc/krb5.keytab file Synchronize the HP-UX clock to the Windows 2000 clock Change /etc/pam.conf to use PAM KerberosPassword sufficient /usr/lib/security/libpamunix.1 Software Installation Configuring Windows 2000 and HP-UX Using Ldap IntegrationActive Directory Configuration Run the setup tool LDAP-UX Client Services ConfigurationVerify profile cache Change Name Service Switch NSS to use Ldap Configure a proxy userSecurity Add and delete groups AdministrationAdd and delete user accounts Password expiration Manage account and password policiesUser forced to change password Login procedureMigration Appendix a Setting a Proxy User’s Access Rights Read memberUid Read msSFUPassword Read msSFUName