HP Tru64 UNIX Enterprise Directory Version 5.6

          and

          Administrator for Enterprise Directory Version 2.2

          Read Before Installing

          HP Tru64 UNIX Enterprise Directory V5.6 is an upgrade of HP
          Tru64 UNIX Enterprise Directory V5.5 ECO1.

          Read the Release Notes before installing this kit.

          Prerequisite Software

          Before you install the Tru64 UNIX Enterprise Directory V5.6,
          ensure that you have the following installed and working:

          o  Tru64 UNIX V5.1B-3 or later.

          o  Optionally,

             1. For LDAPv3 over SSL, OpenSSL 0.9.6g for Tru64 UNIX V5.1A
                or later.

             2. DECnet-Plus V5.1B-3 for Tru64 UNIX, or later. (This is
                required if you intend to run X.500 protocols over an OSI
                network.)

          Upgrading from a Previous Version of the Directory

          On Tru64 UNIX, Version 3.0 and later of the Directory, the DSA
          uses memory image files instead of snapshot files. Memory image
          files are specific to the version of the kit. This applies
          to all versions (SSB, ECO kits, and FT kits). Therefore, your
          current memory image files cannot be used by this kit. To use
          your existing database with this kit, create a snapshot file of
          your database before you upgrade.

          To create a snapshot file, disable and delete the DSA using the
          following NCL commands:

          ncl> disable dsa

          ncl> delete dsa to snapshot

          After installing this release, use the following NCL commands to
          recreate the DSA:

          ncl> create dsa from snapshot

          ncl> enable dsa

          When the DSA has been recreated and enabled successfully, you
          can delete the snapshot file from the DSA system as follows:

          # rm /var/dxd/DSA-information-tree.snapshot*

          The DSA does not need this file any longer, so you can save disk
          space by deleting it. Do not delete any of the other database
          files.

 






          The upgrade renames each network template file in the sub-
          directory /var/dxd/scripts by appending .savn to the file name.
          For example, create_inbound_clns_template.ncl becomes create_
          inbound_clns_template.ncl.sav1.

          If any of the schema files from a previous installation have
          been edited, the upgrade saves all schema files to a subdirec-
          tory called /var/dxd/savn where n is a number. The schema data
          file dxd_schema.dat is also saved to that directory.

          New Features in this Release


          o  Password Policy

             HP Enterprise Directory Version 5.6 implements the pass-
             word policy as defined in Draft Behera. The policy provides
             the ability to ensure the secure read and update access to
             directory information throughout the network. The policy
             is applied on a password that is used to authenticate. The
             policy also includes the following:

             -  Whether and when passwords expire

             -  Whether failed bind attempts cause the account to be
                locked and

             -  If and how users are able to change their passwords.

             The password policy can be applied to any attribute holding a
             users password used for an authenticated LDAP bind operation.
             Here the term user represents any LDAP client application
             that has an identity in the directory.

             For details on usage and applicability of password policy as
             defined in Draft Behera, see Section 11 in the HP Tru64 UNIX
             Enterprise Directory Release Notes.

          o  Password Hashing

             HP Enterprise Directory Version 5.6 implements hashing of
             the users password. Here the term user represents any LDAP
             client application that has an identity in the directory. The
             directory server provides options of crypt and the algorithms
             supported by OpenSSL_add_all_digests( ) function of OpenSSL
             library with which the users password can be hashed.

             For details on usage and applicability of password hashing,
             see Section 12 in the HP Tru64 UNIX Enterprise Directory
             Release Notes.

          o  Sample Cluster Application Availability Script on Tru64 UNIX

             A sample Cluster Application Availability (CAA) script for
             achieving HP Enterprise Directory failover capability on
             Tru64 UNIX cluster (TruCluster) environment and steps to
             register and invoke CAA script have been added to Section 13
             in the HP Tru64 UNIX Enterprise Directory Release Notes.

          o  Enabling Memory Tracing Facility

                                          2

 






             Memory tracing facility is added to this version of DSA,
             which can be turned on as required for faster diagnostics
             of DSA. For details on enabling memory tracing facility, see
             Section 14 in the HP Tru64 UNIX Enterprise Directory Release
             Notes.

          o  Support for Samba Schema 3.0

             Samba 3.0 Schema elements are supported in this version of
             HP Enterprise Directory. For details on Samba 3.0 schema
             elements, see Section 15 in the HP Tru64 UNIX Enterprise
             Directory Release Notes.

          Configuration Tutorials

          Chapter 2 and Chapter 3 of Tru64 UNIX Enterprise Directory
          - Management provide configuration tutorials. If you are in-
          stalling Enterprise Directory products for the first time, you
          might find the tutorials a useful introduction to managing the
          product.




          © Copyright 2007 Hewlett-Packard Development Company, L.P.

          Confidential computer software. Valid license from HP required
          for possession, use or copying. Consistent with FAR 12.211 and
          12.212, Commercial Computer Software, Computer Software Documen-
          tation, and Technical Data for Commercial Items are licensed to
          the U.S. Government under vendors standard commercial license.

          The information contained herein is subject to change without
          notice. The only warranties for HP products and services are
          set forth in the express warranty statements accompanying such
          products and services. Nothing herein should be construed as
          constituting an additional warranty. HP shall not be liable for
          technical or editorial errors or omissions contained herein.

          A FULL SOFTWARE PATCH KIT HAS RECEIVED LIMITED TESTING AND IS
          CONSIDERED APPROPRIATE FOR GENERAL DISTRIBUTION TO CUSTOMERS.

          DISCLAIMER OF WARRANTY AND LIMITATION OF LIABILITY

          THIS FULL SOFTWARE PATCH KIT IS PROVIDED "AS IS", WITHOUT WAR-
          RANTY OF ANY KIND. ALL EXPRESS OR IMPLIED CONDITIONS, REP-
          RESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY
          OF MERCHANTABILITY, FITNESS FOR PARTICULAR PURPOSE, OR NON-
          INFRINGEMENT, ARE HEREBY EXCLUDED TO THE EXTENT PERMITTED BY
          APPLICABLE LAW. IN NO EVENT WILL HP OR ANY OF ITS SUBSIDIARIES
          BE LIABLE FOR ANY LOST REVENUE OR PROFIT, OR FOR SPECIAL, IN-
          DIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
          CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, WITH RESPECT
          TO ANY SOFTWARE PATCH MADE AVAILABLE HERE OR TO THE USE OF SUCH
          SOFTWARE PATCH.

                                          3