IBM HPSS manual Hpss Installation Guide July Release 6.2 Revision 151

•Authentication Type. There are two supported options: Keytab File or Password. The Keytab File option allows HPSS servers or utilities to read a keytab file to authenticate. The Password option requires a password to be supplied each time an HPSS server or utility is invoked.

•Password. The password used to authenticate the caller when the HPSS server or utility is invoked. This field is not enterable when the Authentication Type field is set to Keytab File.

•Keytab File. The pathname of the keytab file to be created if the Authentication Type is set to "Keytab File". This file is normally located in the /var/hpss/etc directory. This field is not enterable when the Authentication Type field is set to Password.

6.Review and modify (if necessary) the following authorization fields:

•Local Site Name. The value is usually set to the full machine name of the local host which can be determined using the 'hostname' and 'domainname' commands.

•Local Realm Name. The value is usually set to the "Local Site Name" all capitalized.

•Local Realm ID. The field is set to a unique ID number for each site. Ask your support representative for an appropriate value.

•Realm URL. This field is only needed for cross realm. Accept the default value.

•Administrator DN (Distinguished Name). The administrator name that is allowed to add/update/remove entries in LDAP.

•Administrator Password. The password used by the administrator to manage entries in LDAP.

•Verify Password. Repeat of the LDAP administrator password entered to verify it was entered correctly.

•Enable Kerberos authentication. This must be enabled. UNIX Authentication is not supported with LDAP Authorization

•Configure an LDAP server in this host. The flag is set to create an LDAP instance locally on this host machine. If an LDAP server already exists, un-select this flag.

•Re-create DB2 Instance. The flag is set to indicate that a new LDAP database is to be created. If an LDAP server and database already exist, un-select this flag.

•DB2 Instance Name. The LDAP's DB2 instance owner.

•Database Name. The name of the LDAP database. In most cases, the default value of 'ldaphpss' should be used.

•DB2 Instance Owner Password. This is the UNIX password for the userid specified in the "DB2 Instance" field.

7.By default, the system's configuration files (/etc/passwd, /etc/group, and /etc/shadow) are used to administer the authentication and authorization services. As an option, the HPSS configuration files can be used instead. These files will be created by mkhpss as part of this configuration step. Other HPSS utilities are available to administer these HPSS configuration files. Refer to Section 2.2.2: Security Mechanisms in the HPSS Management Guide for more information. To use the HPSS configuration files, select the "Enable local