Manualshelf

HP CIFS Server Administrator's Guide (5900-1282, April 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
81828384858687888990
16. Run the following command to verify your configuration:
$ /opt/ldapux/bin/ldapsearch -T -b "cn=schema" -s base \
"(objectclass=*)"|grep -i posix
Ensure that the posixAccount objectclass is displayed in the output when you run the
ldapsearch command. The output is as follows:
objectClasses: ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'Standard
LDAP objectclass' SUP top AUXILIARY MUST ( cn $ uid $ uidNumber $
gidNumber $ homeDirectory) MAY ( userPassword $ loginShell $ gecos
$ description ) X-ORIGIN 'RFC 2307' )
objectClasses: ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC 'Standard
LDAP objectclass' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY (
userPassword $ memberUid $description ) X-ORIGIN 'RFC 2307' )
NOTE: You can use the ldapsearch command-line utility to locate and retrieve LDAP
directory entries. This utility opens a connection to the specified server using the specified
Distinguished Name (DN) and password, and locates entries based on the specified search
filter. For details, see the Netscape Directory Server Administrator's Guide or the Red Hat
Directory Server Administrator's Guide available at http://www.docs.hp.com/en/internet.html.
Enabling Secure Sockets Layer (SSL)
The HP CIFS Server provides Secure Sockets Layer (SSL) support to secure communication between
CIFS servers and SSL enabled LDAP directory servers.
If you plan to use SSL and it is not already in use for LDAP, you need to enable it on the Directory
Server and LDAP-UX clients. When you have enabled the LDAP server and clients, then you can
configure the HP CIFS Server to use SSL.
You must set up the Certification Authority (CA) Server properly before you plan to enable SSL
communication over LDAP.
Read the following subsections for more information on configuring the LDAP directory server,
LDAP-UX client and HP CIFS Server with SSL support if you plan to use it.
Configuring the Directory Server to enable SSL
Use the following steps to configure your Netscape Directory Server to enable SSL communication
over LDAP:
1. Obtain and install a certificate for your Directory Server, and configure the Netscape Directory
Server to trust the Certification Authority's (CA's) certificate.
For detailed instructions, see the "Obtaining and Installing Server Certificates" section of the
"Managing SSL" chapter in Netscape Directory Server 6.1 Administrator's Guide at
http://docs.hp.com.
2. Turn on SSL in your directory.
For detailed instructions on how to enable SSL in your directory server, see the "Activating
SSL" section of the "Managing SSL" chapter in Netscape Directory Server 6.1 Administrator's
Guide at http://docs.hp.com.
3. Configure the Administration Server to connect to an SSL-enabled directory server.
For detailed instructions on how to configure the administration server to connect to an SSL
enabled directory server, see Managing Servers with Netscape Console available at
http://docs.hp.com.
Enabling Secure Sockets Layer (SSL) 85