AIX Runtime Expert and LDAP

AIX Runtime Expert can retrieve profiles from a Lightweight Directory Access Protocol (LDAP) server.

The AIX Runtime Expert profiles must be stored as ibm-artexProfile objects and have the following mandatory attributes:

  • ibm-artexProfileName. The AIX Runtime Expert profile name.
  • ibm-artexProfileXMLData. The XML content of the AIX Runtime Expert profile that is stored as an octetString.

The AIX Runtime Expert schema must be installed on the LDAP server before storing any AIX Runtime Expert profiles. Setting up an LDAP server for AIX Runtime Expert is similar to setting up an LDAP server for user authentication. For more information about setting up LDAP, see Setting up an ITDS security information server.

Setting up an LDAP client for AIX Runtime Expert is similar to setting up an LDAP client for user authentication. For more information, see the Setting up an LDAP client topic. To set up an LDAP client, use the mksecldap -c command to correctly configure the secldapclntd daemon. AIX Runtime Expert relies on the secldapclntd daemon to access the LDAP server.

By default, AIX Runtime Expert looks for profile entries under the distinguished name (DN) ou=artex,cn=AIXDATA. You can customize this DN by updating the artexbasedn key in /etc/security/ldap/ldap.cfg, the secldapclntd configuration file.

Uploading an AIX Runtime Expert profile

To upload an AIX Runtime Expert profile, you can either create an LDAP Data Interchange Format (LDIF) file and use the ldapadd command, or use an LDAP administration tool such as Tivoli® Directory Server Web Administration Tool.

The following is an example of a profile that is saved in LDIF:

dn: ou=artex,cn=AIXDATA
objectClass: organizationalUnit
objectClass: top
ou: artex

dn: ibm-artexProfileName=alogProfile.xml,ou=artex,cn=AIXDATA
objectClass: ibm-artexProfile
objectClass: top
ibm-artexProfileName: alogProfile.xml
ibm-artexProfileXMLData:< file:///etc/security/artex/samples/alogProfile.xml

The following is an example of uploading a profile using the ldapadd command and a sample LDIF file named sample.ldif:

ldapadd -c -h <ldaphost> -D cn=admin -w <password> -f sample.ldif
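
The following added example, which is not part of the original page or IBM's own code, generates LDIF entries in the format shown above for every XML profile in a directory. It takes the base DN from the artexbasedn key when that key is set, and refuses file names that would need DN or LDIF escaping. The function names are hypothetical, and the "key:value" line layout of ldap.cfg is an assumption.

```shell
#!/bin/sh
# Added example, not IBM's code. Function names are hypothetical.
# Assumption: ldap.cfg holds "key:value" lines and "#" starts a comment.

ARTEX_DEFAULT_DN="ou=artex,cn=AIXDATA"   # default base DN given on this page

# Print artexbasedn from the secldapclntd config file, or the default DN.
artex_base_dn() {
    cfg=${1:-/etc/security/ldap/ldap.cfg}
    dn=""
    if [ -r "$cfg" ]; then
        # Last uncommented artexbasedn line wins; trim surrounding blanks.
        dn=$(sed -n 's/^[[:space:]]*artexbasedn[[:space:]]*:[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*$/\1/p' "$cfg" | tail -n 1)
    fi
    if [ -n "$dn" ]; then printf '%s\n' "$dn"; else printf '%s\n' "$ARTEX_DEFAULT_DN"; fi
}

# Emit one ibm-artexProfile entry for an XML profile file.
artex_ldif_entry() {
    file=$1
    base=$2
    # The file:// URL needs an absolute path. Characters outside this set
    # would need DN or LDIF escaping, so such paths are refused, not quoted.
    case $file in
        /*) ;;
        *) echo "not an absolute path: $file" >&2; return 1 ;;
    esac
    case $file in
        *[!A-Za-z0-9._/-]*) echo "unsafe characters in: $file" >&2; return 1 ;;
    esac
    if [ ! -f "$file" ] || [ ! -r "$file" ]; then
        echo "not a readable file: $file" >&2; return 1
    fi
    name=${file##*/}
    printf 'dn: ibm-artexProfileName=%s,%s\n' "$name" "$base"
    printf 'objectClass: ibm-artexProfile\nobjectClass: top\n'
    printf 'ibm-artexProfileName: %s\n' "$name"
    printf 'ibm-artexProfileXMLData:< file://%s\n\n' "$file"
}

# Write LDIF for every *.xml profile in a directory to stdout.
# Usage: artex_ldif_dir /etc/security/artex/samples > sample.ldif
artex_ldif_dir() {
    dir=$1
    base=$(artex_base_dn "$2")
    for f in "$dir"/*.xml; do
        [ -f "$f" ] || continue
        artex_ldif_entry "$f" "$base" || return 1
    done
}
```

The generated file can be uploaded with the ldapadd command shown above. A password supplied with -w on the command line is visible in the process list to other local users while the command runs.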