Manuals / Brands / Computer Equipment / Software / HP / Computer Equipment / Software

HP UX LDAP-UX Integration Software LDAP:, HP-UXClient, HP-UXClient, LDAP Integration:, Windows 2000 Server, Windows 2000 Server, LDAP + PAM_Kerberos:

1 26

Download 26 pages, 124.39 Kb

LDAP Integration:Windows 2000 as LDAP server + HP-UX as LDAP Client + HP-UX PAM_Kerberos

HP-UX uses Windows 2000 AD to store user account and group information. The LDAP-UX client on HP-UX retrieves information from AD. The PAM Kerberos product on HP-UX uses Windows 2000 Kerberos Services to authenticate users who want to log into HP-UX machines. The following figure illustrates the integration between two platforms.

LDAP:

HP-UX Client

Windows 2000 Server

getpwnam

NSS engine

			Extend
	LDAP protocol		Extend
	LDAP protocol	Active	schema	Server for NIS
NSS_LDAP		Active		Server for NIS
		Directory		(SFU 2.0)
		Directory		(SFU 2.0)

LDAP + PAM_Kerberos:

HP-UX Client

Windows 2000 Server



PAM Library
	Kerberos protocol


		Kerberos Services
PAM_Kerberos		Kerberos Services
PAM_Kerberos

getpwnam()



NSS engine


	LDAP protocol	Active	Server for NIS
	LDAP protocol	Active	Server for NIS
		Directory	(SFU 2.0)
NSS_LDAP		Directory	(SFU 2.0)
NSS_LDAP
		9
		9

Contents

White Paper Legal Notices Introduction HP-UXand Windows 2000 Integration Products PAM: NSS: Windows Active Directory (AD): Kerberos Services: Page How HP-UXand Windows 2000 Products Integrate NIS+PAM_Kerberos: HP-UXclient Windows 2000 server LDAP Integration: Windows 2000 as LDAP server + HP-UXas LDAP Client + HP-UXPAM_Kerberos LDAP: LDAP + PAM_Kerberos: NIS vs. LDAP Integration: Benefits of Integration Configuring Windows 2000 and HP-UXUsing NIS Integration Step 1: Install Active Directory into your Windows 2000 server Step 2: Add an account for HP-UXclient machine to AD Step 3: Use ktpass to create the keytab file for HP-UXclient machine Step 4: Install SFU 2.0, including Server for NIS Step 1: Configure HP-UXas a NIS client Step 2: Change Name Service Switch (NSS) to use NIS Step 3: Start HP-UXas a NIS client Step 1: Download and install the PAM Kerberos product Step 2: Configure your HP-UXmachine to authenticate using PAM Kerberos Step 3: Change /etc/pam.conf to use PAM Kerberos Page Configuring Windows 2000 and HP-UXUsing LDAP Integration Step 2: Install Active Directory administrative tools Step 3: Install SFU 2.0 to extend the posix schema into AD Step 1: Add a proxy user to AD Step 1: Install the LDAP-UXClient Services product into your HP-UXmachine Step 2: Configure your HP-UXmachine to use AD as the directory server Step 3: Configure a proxy user Step 4: Change Name Service Switch (NSS) to use LDAP Security Administration Manage account and password policies Known problems and limitations Slow performance on object enumeration Password expiration End user Login procedure Password change Shell/finger information change Migration Appendix A: Setting a Proxy User’s Access Rights