[ Bottom of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]

Commands Reference, Volume 3

mkprtldap Command

Purpose

Configures IBM Directory (LDAP) for Directory enabled System V print. It also configures client machines to use the Directory for System V print information.

Syntax

To configure the IBM Directory to store System V Print information:

mkprtldap -s -a AdminDN -p Adminpasswd -w ACLBindPasswd [-f] [-d nodeDN]

To configure clients to use the IBM Directory for System V Print information:

mkprtldap -c -h DirectoryServerHostname -w ACLBindPasswd [ -d PrintBindDN ] [-U]

To get usage information for the mkprtldap command:

mkprtldap ?

Description

The mkprtldap command configures the IBM Directory (LDAP) server, and one or more clients to use the Directory (LDAP) for System V Print information. This command must be run on the system being setup as the server and on all the client systems. Once the Directory (LDAP) server is configured for System V print, the directory enabled System V Print commands (dslpadmin, dslpaccess, dslpsearch, dslpenable, dslpdisable, dslpaccept, lp, lpstat, cancel and dslpreject ) must be run to add , remove and manage System V print information (printers and print queues) on the Directory (LDAP) server. The mkprtldap command configures client machines to use the Directory (LDAP) server for System V print information.

The mkprtldap command requires the IBM Directory server software to be installed on the machine being configured as the server. The command also requires the IBM Directory client software to be installed on all client machines that will use the Directory (LDAP) server for System V print information.

Note
The client (-c flag) and the server (-s server) options cannot be run at the same time. When setting up a system as the server, the mkprtldap command should be run twice on that system. Once to set up the server, and again to set up the client.

During the server side configuration, using the -s flag, the mkprtldap command:

During the client configuration, the mkprtldap command:

Flags

Server

-a AdminDN Specifies the Directory (LDAP) Administrator's DN.
-d nodeDN This advanced option requires a valid existing node DN on the Directory under which the AIX Information tree and Print Subtree will be created.
-f The force flag is required by the mkprtldap command to force the creation of the Print subtree (and AIX Information subtree if needed) when one or more AIX Information trees exist on the Directory.
-p adminpasswd Specifies the Directory (LDAP) Administrator's password.
-s Indicates the command is being run to configure the Directory for System V print.
-w ACLBindPasswd Specifies the password to ACL protect the Print Subtree on the Directory. Select a password value that is difficult for people or password cracking programs to guess.

Client

-c Indicates the command is being run to configure clients to use the Directory for System V Print information.
-d PrintBindDN Specifies the Print Bind DN. The default Print Bind DN is ou=print,cn=aixdata. The Print Bind DN to use during Client configuration is displayed at the end of the server setup of the mkprtldap command.
-h DirectoryServerHostname Hostname of the IBM Directory server setup to store System V Print information.
-U Undo a previous configuration of a client.
-w ACLBindPasswd The ACL Bind Password for the print subtree. The ACL Bind password is specified during the server setup of the mkprtldap command. The value of the ACL Bind Password must match the one used during the setup of the Directory server.

Usage

? Displays usage information for the mkprtldap command.

Security

This command can be run by the root user only.

Examples

  1. To configure a new installation of IBM Directory for System V print with the Administrator DN cn=root and password root, type:
    mkprtldap -s -a cn=root -p root -w aclpasswd
    where the ACL Bind password is the password used to ACL protect the print subtree. The ACL Bind password is specified during the configuration of System V Print on the Directory. This configuration will also set the Directory Administrator's DN and password to cn=root and root. Running the command will setup a suffix and top level object cn=aixdata. The Print subtree (ou=print) will be created under this AIX Information tree (cn=aixdata object). Select a ACL Bind password value that is difficult for people or password cracking programs to guess.
  2. To configure System V print on a machine with a configured IBM Directory server -

    The Administrator DN and password are required to configure System V print on the Directory. Assume the existing Administrator's DN and password are cn=admin and passwd.

    mkprtldap -s -a cn=admin -p passwd -w pass123wd
  3. The mkprtldap command provides the option to configure the IBM Directory to store the print information under a pre-existing node (e.g. o=ibm,c=us) on the Directory [Advanced Option]. This is only recommended when it is necessary to store the print information under the existing node on the Directory for specific reasons. The recommend option is to store the print subtree in the default location on the Directory by not specifying the -d option. The Administrator DN and password are required to configure System V print on the Directory Assume the existing Administrator's DN and password are cn=admin and passwd.
    mkprtldap -a cn=admin -p passwd -w acl123passwd -d o=ibm,c=us
    Running the command will create an AIX Information tree (cn=aixdata) under the o=ibm,c=us object. The print subtree will be created under this new object (cn=aixdata, o=ibm, c=us).
  4. To configure System V print on a machine with a configured IBM Directory server and an existing AIX Information tree. There might be situations where the Directory contains an existing AIX information tree with other subsystem specific information (e.g Security or NIS information). It might be required to store the print information in a separate location on the Directory under a different AIX Information tree. The command, by default, will not create a new AIX Information tree if one exists on the Directory. To force the command to create a new AIX Information tree to store the print information, use the -f flag with the command. Consider the case where the Security and NIS subsystem information is stored under the AIX Information tree at cn=aixdata,o=ibm,c=us. To create a new AIX Information tree for print information different from the existing one, run the command with the -f flag and specify the default location or another node. The Administrator DN and password are required to configure System V print on the Directory. Assume the existing Administrator's DN and password are cn=admin and passwd
    mkprtldap -a cn=admin -p passwd -w passwd123 -f 
    Running the command will create a new AIX Information tree (cn=aixdata) with the suffix (cn=aixdata) and the print information will be stored under this new AIX Information tree (ou=print, cn=aixdata). There will be two AIX Information trees on the Directory in this example cn=aixdata,o=ibm,c=us and cn=aixdata. The print information will be under the cn=aixdata object (suffix - cn=aixdata). For mkprtldap, it is recommend to use the default location to add the print information to the Directory.
  5. To configure a client to use an IBM Directory setup for System V Print on host server.ibm.com, type:
    mkprtldap -c -h server.ibm.com -w passwd 
    Please ensure that the ACL Bind Password (passwd) is the same as the one specified during the setup of the Directory Server. Running the command without specifying a Print Bind DN value with the -d option will cause the command to use the default Print Bind DN ou=print,cn=aixdata. The Print Bind DN must match the one displayed at the end of running the mkprtldap command to configure the server.
  6. To change the information in the client side configuration files, run the mkprtldap command with the new information
    mkprtldap -c -h server.ibm.co.uk -w aclpasswd -d ou=print,cn=aixdata,c=uk
    Executing this command on a client that has already been configured will change the information in the /etc/ldapsvc/server.print and /etc/ldapsvc/system.print files to contain the new configuration information. The original contents of the /etc/ldapsvc/server.print and /etc/ldapsvc/system.print will stored in the /etc/ldapsvc/server.print.save and /etc/ldapsvc/system.print.save files.

Files

Mode File Description
rw /etc/slapd32.conf (Server configuration) - Contains the IBM Directory (LDAP) configuration information.
rw /etc/ldapsvc/server.print (Client configuration) - Contains information about the Directory Server configured to store System V Print information. (Machine name, Location of Print subtree on the Directory and LDAP port)
rw /etc/ldapsvc/system.print (Client configuration) - Contains the ACL Bind Password for the Print subtree on the Directory.

Related Information

Configuring Directory Enabled System V print in the AIX 5L Version 5.2 Guide to Printers and Printing.

The dslpadmin command, dslpaccess command, dslpsearch command, dslpenable command, dslpdisable command, dslpaccept command, lp command, lpstat command, cancel command, dslpreject command, and mksecldap command.

The /etc/ldapsvc/server.print and /etc/ldapsvc/system.print files.

The /etc/slapd32.conf file.

[ Top of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]