LDAP-UX Client Services Object Classes

Profile Attributes

searchTimeLimit,

serviceAuthenticationMethod,

serviceCredentialLevel,

servicesearchDescriptor

NOTE

Profile Attributes

The attributes of DUAConfigProfile is defined as follows:

cn

is the common name of the profile entry.

attributeMap is a mapping from RFC 2307 attributes to alternate attributes. Use this if your entries do not conform to RFC 2307. Each entry consists of:

Service:Attribute=Altattribute where Service is

one of the supported services: passwd, group, shadow, pam, networks, hosts, protocols, services, rpc, or netgroup. Attribute is an attribute of the service as defined by RFC 2307. Altattribute is the attribute that should be used instead of the standard attribute.

For example, pam:userPassword=ntUserPassword maps the userPassword attribute to ntUserPassword for the pam service. passwd:uidnumber=employeeNumber maps the uidnumber attribute to employeeNumber for the passwd service.

The userPassword attribute is mapped to *NULL* to prevent passwords from being returned for increased security and to prevent PAM_UNIX from authenticating users in the LDAP directory. Mapping to *NULL* or any other nonexistent attribute means do not return anything.

188

Appendix B

Page 202
Image 202
HP UX LDAP-UX Integration Software manual Profile Attributes, Appendix B