Filter
Top Products
• Authentication Type. There are two supported options: Keytab File or Password.
The Keytab File option allows HPSS servers or utilities to read a keytab file to
authenticate. The Password option requires a password to be supplied each time an
HPSS server or utility is invoked.
• Password. The password used to authenticate the caller when the HPSS server or
utility is invoked. This field is not enterable when the Authentication Type field is set
to Keytab File.
• Keytab File. The pathname of the keytab file to be created if the Authentication
Type is set to "Keytab File". This file is normally located in the /var/hpss/etc
directory. This field is not enterable when the Authentication Type field is set to
Password.
6. Review and modify (if necessary) the following authorization fields:
• Local Site Name. The value is usually set to the full machine name of the local host
which can be determined using the 'hostname' and 'domainname' commands.
• Local Realm Name. The value is usually set to the "Local Site Name" all
capitalized.
• Local Realm ID. The field is set to a unique ID number for each site. Ask your
support representative for an appropriate value.
• Realm URL. This field is only needed for cross realm. Accept the default value.
• Administrator DN (Distinguished Name). The administrator name that is allowed
to add/update/remove entries in LDAP.
• Administrator Password. The password used by the administrator to manage entries
in LDAP.
• Verify Password. Repeat of the LDAP administrator password entered to verify it
was entered correctly.
• Enable Kerberos authentication. This must be enabled. UNIX Authentication is not
supported with LDAP Authorization
• Configure an LDAP server in this host. The flag is set to create an LDAP instance
locally on this host machine. If an LDAP server already exists, un-select this flag.
• Re-create DB2 Instance. The flag is set to indicate that a new LDAP database is to
be created. If an LDAP server and database already exist, un-select this flag.
• DB2 Instance Name. The LDAP's DB2 instance owner.
• Database Name. The name of the LDAP database. In most cases, the default value
of 'ldaphpss' should be used.
• DB2 Instance Owner Password. This is the UNIX password for the userid specified
in the "DB2 Instance" field.
7. By default, the system's configuration files (/etc/passwd, /etc/group, and /etc/shadow) are
used to administer the authentication and authorization services. As an option, the HPSS
configuration files can be used instead. These files will be created by mkhpss as part of this
configuration step. Other HPSS utilities are available to administer these HPSS
configuration files. Refer to Section 2.2.2: Security Mechanisms in the HPSS Management
Guide for more information. To use the HPSS configuration files, select the "Enable local
HPSS Installation Guide July 2008
Release 6.2 (Revision 2.0) 151