 |
» |
|
|
|
The following sections explain how to modify your multiple
domain configuration. Removing
a Remote Domain from the Search Scope | |
If you originally configure several remote domains without
configuring the GCS, and you want to exclude a domain from the search
scope, perform one of the following options: Run the setup tool, /opt/ldapux/config/setup, to re-configure multiple domains and exclude the one
you want to remove. Manually edit /etc/opt/ldapux/ldapux_client.conf to remove the configuration for that specific domain
and remove its corresponding profiles: /etc/opt/ldapux/domain_profiles/ldapux_profile.ldif.
<domain> /etc/opt/ldapux/domain_profiles/ladpux_profile.bin
Adding
a Remote Domain to the Search Scope | |
If you originally configure several remote domains without
configuring the GCS, and you want to add a new remote domain into
the search scope, run the setup tool to re-configure the multiple domains and include
the new domain in your configuration. When setup is complete, restart
the client daemon, /opt/ldapux/bin/ldapclientd. Re-ordering
the Remote Domain Search Sequence | |
The search sequence is the sequence in which you configured
the remote domains during setup. This sequence is also shown in /etc/opt/ldapux/ldapux_client.conf. To re-order the remote domain search sequence, either
run setup to re-configure the remote domains, or manually edit
the /etc/opt/ldapux/ldapux_client.conf file to re-arrange the order. Restart the client daemon
for the change to take effect. Adding
the GCS into the Search Scope | |
The only way that you can add the GCS into the search scope
is to run setup and add the GCS as your multiple domain support. Restart
the client daemon for the change to take effect. Removing
the GCS from the Search Scope | |
To remove the GCS from the search scope, either run setup to re-configure, or manually edit /etc/opt/ldapux/ldapux_client.conf to remove the gc section, its corresponding profiles (/etc/opt/ldapux/domain_profiles/ldapux_profile.bin.gc and ldapux_profile.ldif.gc), and all entries to the end of the file. Restart the
client daemon for the change to take effect. Adding
POSIX Attributes to the Global Catalog | |
If you select GCS to support LDAP-UX integration with ADS
multiple domains, you should add POSIX attributes into the global
catalog. The needed attributes are those used by getXbyY() APIs to return data. For LDAP-UX B.03.00, only passwd and group are supported in multiple domains. Therefore, the following
POSIX attributes must be added into the global catalog: If your SFU
version is 2.0:
msSFUName - used by getpwnam() and getgrnam()
uidNumber - used by getpwuid()
gidNumber - used by getgrgid() If your SFU version is 3.0:
msSFU30Name - used by getpwnam() and getgrnam()
msSFU30uidNumber - used by getpwuid()
msSFU30gidNumber - used by getgrgid()
To add these attributes to the global catalog: On your Windows 2000
GCS, click Start, then Run. In the open dialog box, type
mmc, then click OK. Click the Microsoft
Management Console menu, select Add/Remove Snap-in. Click Add under
the Standalone tab to get to
the Add Standalone Snap-in dialog
box. In the Add
Standalone Snap-In dialog box, select Active
Directory Schema, then click Add and
then Close. Active
Directory Schema appears in the Add/Remove
Snap-In dialog box. Click OK. In the Microsoft
Management Console, click Active
Directory Schema and Double-click Attribute, under Name on the right-hand side of the box.
All attributes will be shown.. Click the POSIX
attribute to add into the global catalog (for example; msSFUname for SFU 2.0, uidNumber, gidNumber), and then select
Properties from the Action menu. In the Attribute Properties dialog box, select
Replicate this attribute to the Global Catalog
and Index this attribute in the Active Directory, click
Apply, and then OK. Repeat steps 6 and 7 until all
the required POSIX attributes are added into the global catalog.
|
Printable version
