Internet Express for Tru64 UNIX Version 6.8 Installation Guide (14234)
it is set to diradmin. It is strongly recommended as a security precaution that you do not
use the default password of diradmin.
Note:
You should not use the system's root password for the Root DN password.
2.21 Configuring the LDAP Module for System Authentication
If you choose to install the LDAP Module for System Authentication, you must provide the
following information to permit the installation procedure to initially configure the module:
• Directory Server — Host name of the directory server that the LDAP authentication module
is to use. If you choose to install an Internet Express Directory Server subset, the default is
the host name of the local system. If you are using a directory server other than one installed
on the local system, specify the name of the host on which the directory server is running
in this field.
• Search Base — Top level of the branch in the LDAP database that will contain the user
authentication information. If you choose to install an Open Sourcre Internet
Solutions-supplied directory server, and supplied a searchbase for that server, that value is
displayed in this field.
• Root Distinguished Name — Used with the Root DN Password to bind to the LDAP directory
server. If installing with the OpenLDAP directory server, the default is root.
• Root DN Password — Used with the Root Distinguished Name to bind to the LDAP directory
server. The default value for the password is derived as follows:
1. If Netscape is not detected, but the OpenLDAP server is being or was previously
installed, uses the OpenLDAP rootpw.
2. If neither server was detected, uses the password specified at the beginning of the
installation (if it is 8 characters long), otherwise, it is set to diradmin. It is strongly
recommended as a security precaution that you do not use the default password of
diradmin.
2.22 Completing Subset Installation
When you click on Continue, the installation procedure displays information about each
component as the installation of the component software progresses. Scan this information for
warning or error messages. You can cut and paste the information to save it in a file for future
reference.
The installation procedure checks the validity of the configuration information you supplied
and tries to connect to the LDAP server you specified. If the connection is successful, and the
required schema attributes are found, the LDAP Module for System Authentication is enabled.
If the connection fails, or if the required schema attributes are not found, the Module for System
Authentication is enabled, but may not work correctly. The procedure used to verify the LDAP
schema depends on the following cirteria:
• You have a properly configured, running LDAP server.
• The LDAP server uses the LDAP V3 protocol, although the Module for System Authentication
will work properly with LDAP V2 protocol servers.
After correcting the problems, you must use the Administration utility after the installation is
complete to enable it.
Directory servers provided with Internet Express are automatically configured for use by the
LDAP Module for System Authentication. The standard schema includes attributes that are
mapped to UNIX passwd(4) and group(4) field names. The authentication of users for login and
mail or any other service is completely transparent to the users. To improve performance, the
ldapcd caching daemon can cache password and group data locally and can also cache LDAP
2.21 Configuring the LDAP Module for System Authentication 33