Filter
Top Products
Chapter 3 System Configuration 23
If the LDAP client is configured and enabled on the Service Processor, lookups are
first performed locally, and then through the LDAP server. If no privileges are
specified for a user, the setprivileges command deletes any local privilege data
for that user. Subsequently, the user’s privileges will be looked up in LDAP, if LDAP
privilege lookup is enabled. If the none privilege is specified for a user, that user
will not have any privileges, regardless of privilege data in LDAP.
These commands manage the Service Processor LDAP service:
■ setlookup
■ setldap
Note that passwords stored in the LDAP repository must use either UNIX crypt or
MD5 encryption schemes.
Once you have configured the Service Processor to use the LDAP service, it does not
require day-to-day management.
Time Synchronization and NTP Service
The Network Time Protocol (NTP) provides the correct timestamp for all systems on
a network by synchronizing the clocks of all the systems. NTP service is provided by
an NTP daemon.
To use the NTP service, the Service Processor can be set up as an NTP client, using
the services of a remote NTP server, or it can be set up as an NTP server and client
itself.
TABLE 3-3 shows how the time is synchronized.
When domains are powered on, they synchronize their clocks to the XSCF clock, or
to an external NTP server.
TABLE 3-3 XSCF and Domain Time Synchronization
Entity Primary NTP Server Time Synchronization Method
XSCF No connection The XSCF time is the time in the initial system setting or the
time set with the setdate command.
External NTP server XSCF operates as an NTP client. The XSCF time is adjusted
to the time of the external NTP server.
Domain XSCF XSCF operates as the NTP server. The domain time is
adjusted to the time of the XSCF.
External NTP server The domain time is adjusted to the time of the external NTP
server.