https://community.hpe.com/t5/operating-system-hp-ux/ldap-client-implementation/m-p/6096409#M484428 <P>Please see the limitations you may have while configuring HPUX Ldapclient with Microsoft AD</P><P>&nbsp;</P><P><A target="_blank" href="http://h30499.www3.hp.com/t5/System-Administration/Problem-setting-up-LDAP-UX-with-AD-continued/m-p/4576641#M373315">http://h30499.www3.hp.com/t5/System-Administration/Problem-setting-up-LDAP-UX-with-AD-continued/m-p/4576641#M373315</A></P><P>&nbsp;</P><P>You can limit the AD accounts to login to UNIX servers by adding "ABORT_LOGIN_ON_MISSING_HOMEDIR=1" in /etc/default/security and manually creating home directories for only needed accounts.</P><P>&nbsp;</P><P>Also you can use "disable_uid_range=xxxx" to disable some accounts to be logged in HPUX servers&nbsp; by configuring ldapux_client.conf.</P><P>&nbsp;</P><P>&nbsp;</P><P>Regards,</P><P>Aneesh</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 09 Jun 2013 07:19:18 GMT Aneesh Mohan 2013-06-09T07:19:18Z https://community.hpe.com/t5/operating-system-hp-ux/ldap-client-implementation/m-p/6095051#M484408 <P>Hi Admins,</P><P>&nbsp;</P><P>Need to configure ldap client in HPUX 11.31 without adding to domain.</P><P>&nbsp;</P><P>I dont want every user registered in AD,able to access the client.</P><P>&nbsp;</P><P>Plan is to manually create AD userid in client,but password should take from AD.So that only these users has access to ldap client.</P><P>&nbsp;</P><P>LDAP server is windows.</P><P>&nbsp;</P><P>I have executed /opt/ldapux/config/autosetup script,but its asking to add to domain.</P><P>&nbsp;</P><P>Current version of LDAP is B.05.01.</P><P>&nbsp;</P><P>Please guide.</P><P>&nbsp;</P><P>Regards</P><P>himacs</P> Fri, 07 Jun 2013 06:17:49 GMT https://community.hpe.com/t5/operating-system-hp-ux/ldap-client-implementation/m-p/6095051#M484408 himacs 2013-06-07T06:17:49Z https://community.hpe.com/t5/operating-system-hp-ux/ldap-client-implementation/m-p/6096409#M484428 <P>Please see the limitations you may have while configuring HPUX Ldapclient with Microsoft AD</P><P>&nbsp;</P><P><A target="_blank" href="http://h30499.www3.hp.com/t5/System-Administration/Problem-setting-up-LDAP-UX-with-AD-continued/m-p/4576641#M373315">http://h30499.www3.hp.com/t5/System-Administration/Problem-setting-up-LDAP-UX-with-AD-continued/m-p/4576641#M373315</A></P><P>&nbsp;</P><P>You can limit the AD accounts to login to UNIX servers by adding "ABORT_LOGIN_ON_MISSING_HOMEDIR=1" in /etc/default/security and manually creating home directories for only needed accounts.</P><P>&nbsp;</P><P>Also you can use "disable_uid_range=xxxx" to disable some accounts to be logged in HPUX servers&nbsp; by configuring ldapux_client.conf.</P><P>&nbsp;</P><P>&nbsp;</P><P>Regards,</P><P>Aneesh</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 09 Jun 2013 07:19:18 GMT https://community.hpe.com/t5/operating-system-hp-ux/ldap-client-implementation/m-p/6096409#M484428 Aneesh Mohan 2013-06-09T07:19:18Z https://community.hpe.com/t5/operating-system-hp-ux/ldap-client-implementation/m-p/6097201#M484443 <P>Hi Aneesh,</P><P>&nbsp;</P><P>Thanks for the response.</P><P>&nbsp;</P><P>The links you provided was not veru clear to me on connecting to ldap server without adding to domain.</P><P>&nbsp;</P><P>"ABORT_LOGIN_ON_MISSING_HOMEDIR=1" in /etc/default/security &gt;&gt;&gt; If we creating manual home folder in client,but real home folder exists in AD server.Thus which home folder, system may use to ogin.</P><P>&nbsp;</P><P>Regards</P><P>Pavan</P> Mon, 10 Jun 2013 08:52:16 GMT https://community.hpe.com/t5/operating-system-hp-ux/ldap-client-implementation/m-p/6097201#M484443 himacs 2013-06-10T08:52:16Z