Installing And Configuring
Configure Your Directory
|
| Configure Your Directory |
|
| This section describes how to configure your directory to work with |
|
| |
|
| Server for |
|
| Release Notes for information on supported directories. If you have a |
|
| different directory, see the documentation for your directory for details |
|
| on how to configure it. |
|
| See Preparing Your LDAP Directory for |
|
| http://docs.hp.com/hpux/internet for more details on directory |
|
| configuration. |
Step | 1. | Install the posix schema (RFC 2307) into your directory. |
|
| If you have Netscape Directory Server for |
|
| the posix schema is already installed. |
|
| The schema is in the |
|
| information on the posix schema (RFC 2307), see |
|
| http://www.ietf.org/rfc.html. RFC 2307 consists of object classes such as: |
|
| posixAccount, posixGroup, shadowAccount, etc. posixAccount represents |
|
| a user entry from /etc/passwd. posixGroup represents a group entry from |
|
| /etc/group. And shadowAccount provides additional user information for |
|
| added security. |
Step | 2. | Restrict write access to certain passwd (posixAccount) attributes of the |
|
| posix schema. |
|
|
|
CAUTION |
| Make sure you restrict access to the attributes listed below. Allowing |
|
| users to change them could be a security risk |
|
|
|
Grant write access of the uidnumber, gidnumber, homedirectory, and uid attributes only to directory administrators; disallow write access by all other users. You may want to restrict write access to other attributes in the passwd (posixAccount) entry as well.
Chapter 2 | 21 |