HP UX Internet Express Software manual 75

The remaining fields allow you to change the name of the LDAP attribute within the Object Class selected for the Password structure. The name of each attribute must be a member of the object class specified in the Object Class Name field.

•The Login Name field represents the name of the LDAP attribute to be used within the Password Object Class to store the name of a UNIX login (user) name. The default value is uid.

•Comment Field represents the name of the attribute used to store an optional comment for each user. The default value is description.

•The User Password Name field represents the name of the attribute used to store the user's password. The default value is userpassword.

•The Gecos field represents the name of the attribute used to store user gecos information (full name, phone number, and so on). The default value is gecos.

•The User ID field represents the name of the attribute used to store the UID number. The default value is uidNumber.

•The Home Directory Name field represent the attribute used to store the users home directory information. The default value is homedirectory.

•The Group ID field represents the name of the attribute used to store the GID number of a users default group. The default value is uidNumber.

•The Login Shell field represents the name of the attribute used to store the users default login shell. The default value is loginshell.

6.Click on Submit.

If the ldapcd.conf file was successfully updated, the Configure Password Attributes form is redisplayed with the Success icon at the top.

Configuring LDAP Group Attributes

To configure LDAP group attributes, follow these steps:

1.From the Administration utility Main menu, choose Manage Components.

2.From the Manage Components menu, under Users, choose LDAP Module for System Authentication.

3.From the LDAP Module for System Authentication Administration menu, choose Modify Configuration.

4.From the Modify Configuration menu, choose Configure Group Attributes.

When the Configure Group Attributes form is displayed, the default values shown are those stored in the /etc/ldapcd.conf file.

5.Using the Configure Group Attributes form, you can modify the mapping between LDAP attributes and the fields in the group structure returned by a call to getgrent(3). By default, the getgrent fields are mapped to the attribute names defined by the Internet Express extended schema (see Section : Extended LDAP Schema for UNIX Account Information).

The Object Class Name field represents the object class for the group structure in the LDAP schema. Only change this field if you are using an object class other than the default (posixGroup). The object class chosen must contain attributes for all of the components of a group(4) entry. Refer to the group(4) reference page for more information about group components.

The Group Branch Name field is used as the starting point in the LDAP directory for Group entries. Branches are used to partition a directory into smaller, easier to manage sections and are not required.

Configuring the LDAP Module for System Authentication 75