HPE Community
Operating System - HP-UX
1832487 Members
4029 Online
110043 Solutions
New Discussion

Credential Management

 
Alan Garner
Frequent Advisor

‎09-13-2007 04:05 AM

‎09-13-2007 04:05 AM

Credential Management

Forgive me for the long post and/or if I have overlooked any posted solutions....

We are in the process of migrating from MPE to HP-UX 11 v2. Currently, we have multiple applications running on 2 "manually load balanced" servers. Meaning, each Windows client is hard coded to a specific MPE server from within our chosen terminal emulator. Upon a successful logon, and based on each users profile, they either get a command prompt or a menu. The user accounts on each server are maintained separately and NO password management is done. This will be changed!!!

Once the application is ported to HP-UX, I will have to create/import some 500 user accounts. Here in lies the issue...our new environment will contain not only 2 production but 2 development servers as well (which will also serve as backups). This means that I will have to synchronize ~500 user accounts on 4 different servers...something I would rather not attempt! I need a solution to sync credentials.

While we could technically get away with NIS+ for now, if we ever needed/wanted to upgrade to v3 or better we would have to migrate yet again as it has been deprecated. I thought about using our existing MS AD environment, but the Unix Identity Management that comes with Win2k3 R2 seemed to cause problems on the DC once I installed it (although it did work).

Then there is OpenLDAP and its many derivatives. I suppose that might work but I have not had the opportunity to work with it yet.

Please post your thoughts on credential management or any other aspect of moving to HP-UX from MPE. Thanks in advance!

--Alan
0 Kudos
Reply
4 REPLIES 4
TwoProc
Honored Contributor

‎09-13-2007 04:33 AM

‎09-13-2007 04:33 AM

Re: Credential Management

Wow, does that bring back memories... I made that conversion back in 1993. And, I didn't have the user sizing issues that you have now. But, I do use ldap for managing users, and I do recommend using it. I don't let it manage my admin accounts, because I don't want to have software stop running and failing because ldap dies (not that it has). Everything else (users) gets run ldap. You could host the ldap server from HPUX, Linux, or even Windows.
We are the people our parents warned us about --Jimmy Buffett
0 Kudos
Reply
Alan Garner
Frequent Advisor

‎09-13-2007 04:37 AM

‎09-13-2007 04:37 AM

Re: Credential Management

Which LDAP do you use? MS ADS, OpenLDAP, Fedora Directory Services, etc.
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎09-13-2007 04:41 AM

‎09-13-2007 04:41 AM

Re: Credential Management

You might want to take a look at this product:

LDAP-UX Integration
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J4269AA

0 Kudos
Reply
Alan Garner
Frequent Advisor

‎09-13-2007 04:47 AM

‎09-13-2007 04:47 AM

Re: Credential Management

Thanks for your post Patrick but I already knew about that. In fact I actually got it working against our ADS environment. The problem came when the DC I installed the Unix Identity management on started throwing BSOD and auto-restarting! I just removed it today so we'll see if the server stops going haywire.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.