
Re: ldapux integration with OpenLDAP

 
Robert Binkhorst
Trusted Contributor

ldapux integration with OpenLDAP

Hi All,

I've got a question for you. I searched the forum (and Google, of course) and have read the docs on docs.hp.com, and I still can't find the answer. This is my problem:

I've set up an OpenLDAP server on a RedHat 7.2 system (openldap-2.0.11-13); it includes the hpuxldap.schema found on these forums. HP-UX 11i servers can authenticate/search the directory with no problems, using a profile created specifically for HP-UX using the aforementioned schema.

The profile ldif is as follows:
dn: cn=uxprofile,ou=profiles,dc=example,dc=com
cn: uxprofile
objectClass: DUAConfigProfile
defaultserverlist: 192.168.241.38
defaultsearchbase: dc=example,dc=com
defaultSearchScope: one
servicesearchdescriptor: passwd:ou=bol,ou=hv,dc=example,dc=com
servicesearchdescriptor: group:ou=bol,ou=hv,dc=example,dc=com
profilettl: 3600
credentiallevel: proxy anonymous

This works fine when running the /opt/ldapux/config/setup utility, but it then shows that I have no proxy user defined.

Since I want to use a proxy user I run the following command, but it fails:
/opt/ldapux/config# ./ldap_proxy_config -d uid=proxy_user,ou=special_users,dc=example,dc=com -c
Unable to get proxy user's information - exiting
The error returned is 9

I'm running the OpenLDAP server on the Linux box with a debug level of 256 and it shows no connection on the server side when running the ldap_proxy_config command.

Has anyone got this running yet? Where does this command try and get its proxy user's information from? Is there some addition to the profile required or do I need to do something to the /etc/opt/ldapux/pcred file?

Thanks all,

Rob
linux: the choice of a GNU generation
Neil Dixon
Advisor

Re: ldapux integration with OpenLDAP

Sorry if this is an obvious question, but have you already created the proxy_user object in your LDAP DB?
I.e. does ldapsearch -h server -B 'cn=Directory Manager' -w password uid=proxy_user return anything?
Robert Binkhorst
Trusted Contributor

Re: ldapux integration with OpenLDAP

Yup, the proxy_user exists and can be found by searching the base dn.

dn: uid=proxy_user,ou=special_users,ou=bol,ou=hv,dc=anwb,dc=loc
cn: proxy
gidNumber: 2000
homeDirectory: /home/proxy_user
loginShell: /bin/bash
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
shadowExpire: -1
shadowInactive: -1
shadowMax: 999999
shadowMin: -1
shadowWarning: 7
sn: user
uid: proxy_user
userPassword:
uidNumber: 601

Any more thoughts? Have you got this working?
linux: the choice of a GNU generation
David_661
New Member

Re: ldapux integration with OpenLDAP

I was wondering if someone could give me a link to the hpuxldap.schema.

It was said to be found on this forum but doing a search I couldn't find any topics that included "hpuxldap.schema" besides this one.

I did find some files that I thought I could piece together, but the install doc for the new ldap-ux mentions that the posixDUAProfile and posixNamingProfile objectclasses have been replaced by a single STRUCTURAL objectclass DUAConfigProfile.

Does anyone know where I could find a new schema using the new DUAConfigProfile instead of the two older classes?

Thank you!
Robert Binkhorst
Trusted Contributor

Re: ldapux integration with OpenLDAP

Hi David,

You can find the profile in one of my other posts:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=575391

Good luck!

Rob
linux: the choice of a GNU generation