uxconsole -register—Register UNIX Computers in Active Directory

Reference Guide › Utilities › uxconsole Utility—Manage UNAB Endpoints › uxconsole -register—Register UNIX Computers in Active Directory

uxconsole -register—Register UNIX Computers in Active Directory

Valid on UNIX

Use this command to register the UNIX host in Active Directory. Registering the UNIX host is part of the UNAB configuration process that lets Active Directory users log in to the UNIX host.

Note: After you register the UNIX host, you must activate UNAB to let Active Directory users log in to the host.

The utility cannot register the UNIX host in the following circumstances:

If the host name of the UNIX computer without the domain suffix contains more than 15 characters, registration fails. This is because Active Directory imposes NetBIOS-based restrictions on the number of characters in the name of computer objects.
For example, you cannot register a UNIX computer named engineering-dept-sol2 in Active Directory because the host name contains more than 15 characters. You can register a UNIX computer named eng-dept-sol2.example.com because the host name without the domain name (eng-dept-sol2) contains less than 15 characters. To display the host name of the UNIX computer, run the hostname command.
If all DCs in the Active Directory site that the UNIX host uses to communicate with Active Directory are specified in the ignore_dc_list configuration setting in the ad section of the uxauth.ini file, registration fails.
When you register a UNIX host in Active Directory, by default, the uxconsole utility automatically discovers the Active Directory site that is closest to the physical location of the endpoint, and communicates only with DCs in this site. You can also use the -t option to specify this Active Directory site.

You can run this command multiple times on the same computer. For example, you can run this command to repair the UNAB host registration with Active Directory if the keytab file is deleted.

Note: You can run the uxconsole - register command without arguments to use the default settings. The program prompts you for additional information required.

This command has the following format:

uxconsole -register [-a name] [-w pass] [-d] [-v level] [-n] [-o container] [-s server] [port #] [-h] [-t site] [-sso]

uxconsole -register -owt [-d domain] [-a name] [-w password] [-v leve]

uxconsole - register -owt -pupm [-d domain] [-a name -epname name [-eptype type -container name]] [-v level]

uxconsole -deregister [-a name] [-w pass] [-v level] [-o container] [-s server] [port #]

uxconsole -deregister -owt [-d domain] [-v level]

-register

Specifies that Active Directory registers UNAB.

-deregister

Specifies that Active Directory deregisters UNAB.

-a name

Defines the name of a user that has privileges for registering computers in Active Directory.

Default: administrator

-epname

Specifies the name of the endpoint where the privileged account originates.

-eptype

Specifies the endpoint type. If not otherwise specified, the endpoint type is Windows Agentless.

-w pass

Defines the password of the user that has privileges to register computers in Active Directory.

-d

Defines the domain name the Active Directory is part of.

-h

Displays the program help.

-n

Specifies that the uxauthd agent runs after the registration process completes.

If you do not specify this option, uxauthd does not run after the registration process completes.

-o container

Defines the Active Directory container name where the UNIX computer is registered.

Note: The Active Directory container must exist before you register the UNIX computer.

-container

Specifies the name of the container that where the privileged account is registered.

-owt

Specifies a position dependent argument that requests the proxy user key management. Register the UNAB endpoint before using this option.

-port #

Defines the Active Directory listening port number.

-pupm

Specifies to use SAM integration.

-s server

Defines the Active Directory server name.

-sso

Specifies that the uxconsole manages Kerberos files for Single Sign On (SSO)

-t site

Defines the Active Directory site that contains the DCs that UNAB uses to communicate with Active Directory, and writes the name of the site to the ad_site configuration setting in the ad section of the uxauth.ini file.

We recommend that you do not specify this option. If you do not specify this option, the utility automatically selects the best Active Directory site to use.

Note: The values in the ignore_dc_list and lookup_dc_list configuration settings affect how UNAB implements Active Directory site support.

-v level

Defines the verbose level to use during the installation process.

Example: Register a UNIX Host in Active Directory

This example shows you how to register a UNIX computer in Active Directory. You type in the user name (-a administrator) and password (-w admin), set the verbosity level (-v 3), specify that the UNAB agent does not run at the end of the installation (-n), and define the name of the container in Active Directory (-o OU=COMPUTERS). The container must exist before you register the UNIX computer in Active Directory:

./uxconsole -register -a administrator -w admin -v 3 -n -o OU=COMPUTERS

More information: