Chat now with support
Chat mit Support

Safeguard Authentication Services 5.0.2 - Administration Guide

Privileged Access Suite for Unix Introducing One Identity Safeguard Authentication Services Unix administration and configuration Identity management Migrating from NIS Managing access control Managing local file permissions Certificate Autoenrollment Integrating with other applications Managing Unix hosts with Group Policy
Safeguard Authentication Services Group Policy
Group Policy Concepts Unix policies One Identity policies
Display specifiers Troubleshooting Glossary

Installing and configuring the HP-UX NIS client components

You can find the vasyp.depot file in the client directory for your HPUX operating system on the installation media.

To install and configure vasyp on HP-UX

  1. Stop the system ypserv and ypbind daemons by running the following commands as root:
    # /sbin/init.d/nis.server stop
    # /sbin/init.d/nis.client stop

    To ensure that the system ypserv daemon does not start at boot time, modify /etc/rc.config.d/namesvrs and set the NIS_MASTER_SERVER and NIS_SLAVE_SERVER variables to 0.

    Note: You do not need to do this if the machine is not configured as a NIS server.

  2. As root, mount the Safeguard Authentication Services installation CD and change to the hpux directory.
  3. To install the depot on an HP-UX client, enter the following command:
    # swinstall -s /cdrom/hpux-<platform>/vasyp_<platform>-<version>.depot vasyp
  4. Create the /var/yp/binding/example.com directory where example.com is the Active Directory domain to which you are joined.
  5. Create the /var/yp/binding/example.com/ypservers file, and add the following line, or modify the existing file to only contain this line:
    localhost
  6. Set the system NIS domain name to match the Active Directory domain to which you are joined by running the following command as root:
    # domainname example.com

    where example.com is the domain to which your machine has been joined.

  7. Set the NIS domain name permanently by modifying /etc/rc.config.d/namesvrs so that the NIS_DOMAIN variable is set to the Active Directory domain to which the Unix machine is joined.
  8. To ensure that the system NIS client processes starts at boot time, set the NIS_CLIENT variable in /etc/rc.config.d/namesvrs to 1.
  9. Start vasyp with the following command:
    # /sbin/init.d/vasypd start
  10. (Optional) Start ypbind with the following command:
    # /sbin/init.d/nis.client start

    You can now use the NIS utilities like ypwhich and ypcat to query vasyp for NIS map data.

Installing and configuring the AIX NIS client components

You can find the vasyp.bff file in the client directory for your AIX operating system on the installation media.

To install and configure vasyp on AIX

  1. Ensure that the system ypserv and ypbind daemons are stopped by running the following commands as root:
    # stopsrc -s ypbind 
    # stopsrc -s ypserv

    Also ensure that all entries dealing with ypserv and ypbind in /etc/rc.nfs are commented out.

    Note: You do not need to do this if the machine is not configured as a NIS server.

  2. As root, mount the Safeguard Authentication Services installation CD and change to the aix directory.
  3. Use installp to install the package appropriate for your version of AIX, as follows:
    # installp -ac -d vasyp_AIX_<platform>.<version>.bff all
  4. On AIX 7.1 (and later), create a ypservers file in /var/yp/binding/<NIS_DOMAIN>/ypservers which only contains the following line:
    127.0.0.1
  5. Start vasyp with the following command:
    # /etc/rc.d/init.d/vasypd start

    Note: Do not configure the NIS client using the standard AIX configuration instructions. Normally, you configure the system domain name and enable the NIS client in /etc/rc.nfs. For vasyp to work correctly on AIX, you must disable any NIS configuration in the /etc/rc.nfs file.

    You can now use the NIS utilities like ypwhich and ypcat to query vasyp for NIS map data.

NIS map search locations

By default, the vasyp daemon only searches the Active Directory container, or organizational unit (OU) in which the Unix computer object was created. You can override this search location by configuring the search-base option in vas.conf. This allows you to have different sets of NIS maps for different groups of Unix hosts.

For more information on the search-base option, refer to the vasypd section of the vas.conf man page.

Deploying in a NIS environment

These are the components associated with using Safeguard Authentication Services in a NIS environment:

  • RFC 2307 NIS Map Import Wizard

    The RFC 2307 Map Import Wizard imports NIS data into Active Directory as RFC 2307 objects either from a NIS server or from a local file. This wizard can also save an import session as an LDIF file that you can import using standard LDAP tools.

  • RFC 2307 NIS Map Editor

    The RFC 2307 NIS Map Editor is the standard Windows tool for modifying RFC 2307 NIS data that has been imported into Active Directory using the import wizard.

  • nisedit

    nisedit is the NIS Map Command Line Administration Utility you run from the host.

  • vasyp

    vasyp runs on a Safeguard Authentication Services Unix host machine joined to an Active Directory domain. It interprets RFC 2307 objects from Active Directory as standard NIS maps on Unix.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen