Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 LDAP-UX Client Services B.04.10 with Microsoft Windows Active Directory Administrator's Guide: HP-UX 11i v1 and v2 > Chapter 3 Active Directory Multiple Domains

Retrieving Data from a Remote Domain
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

LDAP-UX can retrieve data from a remote domain using three methods:

  • Remote Domain Configuration

    This method allows you to configure a sequence in which LDAP-UX searched remote domains. If you know in which domains your data resides, you can use setup to configure a remote domain sequence. When LDAP-UX does not find data in the local domain, all remote domains are searched in the specified order until the data is found.

  • GCS

    This method allows you to configure LDAP-UX to search the GCS first. If you are not sure in which domains the data resides, you can configure LDAP-UX to search the GCS first to determine in which domain the requested data resides, then connect to that specific domain controller to retrieve complete POSIX information. However, by default, the global catalog does not contain any POSIX attributes. You should add some POSIX attributes into the global catalog. For information, refer to “Adding POSIX Attributes to the Global Catalog”.

    You also need a configuration profile that specifies which server (and port) serves as the GCS. The GCS profile is stored locally in /etc/opt/ldapux/domain_profiles/ldapux_profile.bin.gc.

  • Both Remote Domain Configuration and GCS

    If you are sure that you need some specific remote domains, but don't want to exclude other domains, you can configure both, specifying remote domains and configuring usage of the GCS. When both are configured, LDAP-UX searches in this sequence:

    1. local domain

    2. remote domains in the order of configuration

    3. GCS to determine in which domain the data resides

    4. specific domain determined by GCS

Choosing Remote Domain Configuration or GCS

In order to limit the scope of the LDAP-UX remote domain search to certain domains of the forest, configure those specific domains using the remote domain configuration. This is the only way to exclude some domains from the LDAP-UX remote domain search. For example, if your forest contains DomainA, DomainB, DomainC, and DomainD, but you just want users in DomainA and DomainB to log into HP-UX, configure either DomainA or DomainB as your local domain, then another domain as the remote domain during setup, and choose not to use the GCS.

If you want to cover the entire forest in the LDAP-UX remote domain search scope, you can either explicitly configure every domain (one as "local," and the rest as "remote"), or configure the local domain and the GCS to support multiple domains. When you choose to configure usage of both remote domain and GCS support, LDAP-UX searches remote domains, then queries the GCS.

For detailed steps on how to configure multiple domains using the setup tool, refer to the "Configuring the LDAP-UX Client Services" section in Chapter 2.



Domain Term Definitions
  		 


Downloading an Automatic Profile  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2006 Hewlett-Packard Development Company, L.P.