Installing And Configuring LDAP-UX Client Services

Configure LDAP-UX Client Services with Publickey Support


LDAP-UX Client Services B.04.00 or later supports discovery and management of publickeys in an LDAP directory. Both the public and secret keys used by the Secure RPC API can be stored in user and host entries in an LDAP directory server, using the nisKeyObject objectclass. Support for discovery of keys in an LDAP directory server is provided through the getpublickey() and getsecretkey() APIs. You can use the chkey and newkey commands to manage user and host keys in an LDAP server. The chkey -s ldap command changes a user's Secure RPC public key and secret key in an LDAP directory. The newkey -u <username> -s ldap command adds new keys for users to an LDAP directory, while the newkey -h <hostname> -s ldap command creates new keys for machines in an LDAP directory.

For detailed information on the newkey and chkey commands, refer to the newkey(1M), chkey(1), getpublickey(3N), getsecretkey() and publickey(4) man pages.

HP-UX Enhanced Publickey-LDAP Software Requirement on HP-UX 11i v1 or v2

Support for publickey through LDAP requires a functionality enhancement in LDAP-UX Client Services and an enhancement in the ONC product. ONC with publickey LDAP support is available through the HP-UX Enhanced Publickey-LDAP Software Pack (SPK) web release.

To enable publickey LDAP support, you must install the Enhanced Publickey-LDAP software bundle shown in Table 2-2 and LDAP-UX Client Services B.04.00 or later on your client systems. The software bundle contains all the required patches plus the enablement product for this new feature. On HP-UX 11i v3, the software bundle is not required. For detailed information, refer to the ONC with Publickey LDAP Support Software Pack Release Notes at the following web site:

http://docs.hp.com/en/netcom.html

Chapter 2