HP UX LDAP-UX Integration Software manual Ldap Integration, HP-UX Client Windows 2000 Server

LDAP Integration:

Windows 2000 as LDAP server + HP-UX as LDAP Client + HP-UX PAM_Kerberos

HP-UX uses Windows 2000 Active Directory (AD) to store user account and group information. The LDAP-UX client on HP-UX retrieves this information from AD. The PAM Kerberos product on HP-UX uses Windows 2000 Kerberos Services to authenticate users who log in to HP-UX machines. The following figure illustrates the integration between the two platforms.

[Figure, panel "LDAP": HP-UX Client (getpwnam(), NSS engine, NSS_LDAP); LDAP protocol; Windows 2000 Server (Active Directory, Extend schema, Server for NIS (SFU 2.0)).]

[Figure, panel "LDAP + PAM_Kerberos": HP-UX Client (login, PAM Library, PAM_Kerberos, getpwnam(), NSS engine, NSS_LDAP); Kerberos protocol and LDAP protocol; Windows 2000 Server (Kerberos Services, Active Directory, Server for NIS (SFU 2.0)).]
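The split described above (account data through NSS and LDAP, password verification through PAM and Kerberos) can be checked on a client by reading its two configuration files. The Python check below is an added example, not part of the HP white paper; the sample file contents are constructed, and the `ldap` source keyword and the module file names `libpam_krb5.1` and `libpam_unix.1` are assumptions used for illustration.

```python
import re

# Constructed sample files. The "ldap" keyword and the module file names
# below are assumptions for illustration, not values taken from the page.
NSSWITCH = """\
passwd: files ldap
group:  files [NOTFOUND=continue] ldap
hosts:  files dns
"""
PAM_CONF = """\
login auth    sufficient /usr/lib/security/libpam_krb5.1
login auth    required   /usr/lib/security/libpam_unix.1 try_first_pass
login account required   /usr/lib/security/libpam_unix.1
"""

def nss_sources(text):
    """Map each name-service database to its ordered list of sources."""
    out = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        db, rest = line.split(":", 1)
        # Drop bracketed criteria such as [NOTFOUND=continue]; keep sources only.
        out[db.strip()] = re.sub(r"\[[^\]]*\]", " ", rest).split()
    return out

def pam_stack(text, service, module_type):
    """Ordered (control_flag, module file name) pairs for one service and type."""
    stack = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 4 and fields[:2] == [service, module_type]:
            stack.append((fields[2], fields[3].rsplit("/", 1)[-1]))
    return stack

def audit(nss_text, pam_text):
    """Return findings where the client deviates from the LDAP + Kerberos split."""
    findings = []
    sources = nss_sources(nss_text)
    for db in ("passwd", "group"):
        if "ldap" not in sources.get(db, []):
            findings.append(f"{db}: ldap is not an NSS source")
    if not any("krb5" in mod for _, mod in pam_stack(pam_text, "login", "auth")):
        findings.append("login auth: no Kerberos module in the PAM stack")
    return findings

if __name__ == "__main__":
    print(audit(NSSWITCH, PAM_CONF) or "configuration matches the described split")
```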
