IBM HPSS Network Card User Manual


 
Acquire Kerberos or LDAP software, as needed. See Section 6.2.3: New Authentication and
Authorization Mechanisms on page 182 for a list of valid authentication and authorization
combinations. See Section 5.2: Install Prerequisite Software on page 137 for more
information on obtaining MIT or IBM Kerberos and LDAP.
Acquire DB2 UDB
Acquire software to upgrade AIX, if necessary
Acquire Java software
Acquire HPSS Release 6.2 distribution images
6.3.3. Install Authentication and Authorization Mechanisms
Select the desired authentication and authorization mechanisms to replace DCE. See Section 6.2.3:
New Authentication and Authorization Mechanisms on page 182 to aid in choosing a mechanism.
See Section 5.2: Install Prerequisite Software on page 137 for more information on installing MIT or
IBM Kerberos or LDAP.
Unix Authentication and Authorization
If Unix is selected for the authentication and authorization method, no special instructions are
required for this step.
Install and Configure Kerberos
Kerberos must be installed in order to successfully compile and use the PFTP client with
HPSS 6.2.
This step can be performed while the HPSS 4.5 or 5.1 system is running.
Configuration of Kerberos will not be covered in this document, as converting principals and groups
from DCE into Kerberos is handled outside of the conversion process. If Kerberos authentication is
selected, the site is responsible for ensuring that DCE account information (principal, group,
password) is transferred into Kerberos by their own means.
Install and Configure LDAP
The steps in this section can be performed while the HPSS 4.5 or 5.1 system is running.
LDAP requires 400MB free space in /opt/IBM/ldap/V6.0. To install LDAP, untar the LDAP release
file (e.g. itds60-aix-ppc-native.tar). After the LDAP code is extracted, use smitty or the software
installation tool of choice to install the code/packages. The steps described below will assist a site
with setting up LDAP with simple authentication rather than with Kerberos authentication.
5. Ensure the ldap user and ldap group exist. Create the hpssldap user and add to the HPSS DB2
INSTANCE_OWNER group (e.g. hpssdb). Ensure root is in the instance owner group as
well. Perform a login command after creating the hpssldap user to initialize the password for
the new user.
6. Add the db2profile lines to the new LDAP instance owner’s .profile or .cshrc. See the HPSS
instance owner’s .profile for an example. Ensure the db2profile is sourced for the LDAP
HPSS Installation Guide July 2008
Release 6.2 (Revision 2.0) 191