HPE Community
Operating System - HP-UX
1835245 Members
2076 Online
110078 Solutions
New Discussion

AD integration

 
SOLVED
Go to solution
Jon Hill_3
Advisor

‎06-13-2003 02:01 PM

‎06-13-2003 02:01 PM

AD integration

We're bringing a new UX server online in a few months and are thinking about using LDAP-UX Client Services tied to Windows 2000 Active Directory.

We do not use NIS or NIS+. This box has five users locally defined. When the UX app is in production, maybe 150 users will need to access it, all of whom are defined in AD.

Many of the AD userids are more than eight characters long. If we move forward with LDAP-UX, what will happen when these long-named users try to log into the new server - can they just type in the first eight characters of their AD userids or will UX just refuse to accept their IDs at all? A preliminary review tells me that truncating all userids to first eight characters doesn't create any uniqueness problems.
0 Kudos
Reply
2 REPLIES 2
Steven E. Protter
Exalted Contributor

‎06-13-2003 04:14 PM

‎06-13-2003 04:14 PM

Re: AD integration

If you properly do the LDAP implemmentation and use Windows as the PDC there are no issues with truncation, because you don't have to truncate user ids.

If you truncate them, you will in a large organization have uniqueness issues.

We are working towards this concept. My user id is firstnamelastname@juf.org

That can be a valid HP-UX user as well.

I'm linking in a few documents for you.

This thread has some meat on the subject:
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0xd77a19434a69d711abdc0090277a778c,00.html&qt=LDAP+Configueration+Windows+2000+PDC&hit=6

This therad has some useful informaiton as well:
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0x93fe5dc05a7ad711abdc0090277a778c,00.html&qt=LDAP+Configueration+Windows+2000+PDC&hit=1

This therad has an unresolved debate on the subject.
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xd77a19434a69d711abdc0090277a778c,00.html

How to get rid of that Windows Domain controller.
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x749e3a1c04ffd61190050090279cd0f9,00.html

Another approach
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0x685d87dc4d7dd5118ff00090279cd0f9,00.html&qt=LDAP+Configueration+Windows+2000+PDC&hit=23

2001 doc on ldap and HP-UX
http://search.hp.com/redirect.html?url=http%3A//forums.itrc.hp.com/cm/QuestionAnswer/1,,0xc00b72106351d5118fef0090279cd0f9,00.html&qt=LDAP+Configueration+Windows+2000+PDC&hit=40

Okay I didnt' find exactly what I wanted. I'll look harder and get back to you when I have more time.

I gave you a lot because I didn't fully understand the roles you have planned for the two OS's.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎06-13-2003 04:17 PM

‎06-13-2003 04:17 PM

Solution

Re: AD integration

This is it.

http://docs.hp.com/hpux/onlinedocs/internet/ADSLDUX.pdf

This is also important.

http://docs.hp.com/hpux/onlinedocs/1444/ldapux-performanceV2.pdf

Well, at least you didn't have to wait all weekend.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.