Manualshelf

XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
81828384858687888990
XYGATE
®
User Authentication
(XUA) 1.85 Reference Manual
Chapter 12. Configuring the LDAP Interface
XYPRO Technology Corporation 61 Proprietary and Confidential
LDAP_PROXY_IP_PROC <$process name>
LDAP_PROXY_LOG <oss pathname>
LDAP_PROXY_OPTIONS "<string>"
LDAP_PROXY_TIMEOUT <number>
12.3 Prepare the NonStop System for LDAP Authentication
This section describes how to prepare the NonStop system for authentication via the
LDAP interface.
12.3.1 Checking for Network-Related Configuration
Password verification via LDAP requires communication between the HP NonStop
system and another system in the network that hosts the LDAP server. To assure the
success of such communication, the HP NonStop systems TCP/IP stack must be
configured in a certain way.
This document assumes that the system configuration files (HOSTS, RESCONF,
SERVICES, etc.) exist in the $SYSTEM.ZTCPIP subvolume. System configurations
differ from site to site. Some sites may have the files in different or multiple
subvolumes. In the most efficient scenario, there will be DEFINEs or PARAMs in the
TACL environment pointing to the active files. The existence of DEFINEs may be
checked with the following commands:
info define =tcpip^resolver^name
info define =tcpip^service^name
info define =tcpip^protocol^name
info define =tcpip^host^file
These DEFINEs may not always exist in your TACL session. They may only have
been included when the system processes started. In this case, executing the above
DEFINE commands will not return any information, but will not mean the DEFINEs
were not loaded on the process startup.
Note: These DEFINEs, if they exist, may set some custom parameters for a user’s
session that may differ from the global system setup and, thus, may interfere
with off-box authentication. If no value or information is returned, this means that
the user’s session runs as defined by the global system configuration.
The information about which files are correct and should be checked, should be
acquired from the system administrator.
Make sure that the files listed in this section exist and are set up properly.