HP WBEM Services Version A.02.07 Release Notes, September 2008, Second Edition
wbem account required libpam_hpsec.so.1
wbem account sufficient libpam_unix.so.1
wbem account required libpam_ldap.so.1
# Session management
wbem session required libpam_hpsec.so.1
wbem session sufficient libpam_unix.so.1
wbem session required libpam_ldap.so.1
# Password management
wbem password required libpam_hpsec.so.1
wbem password required libpam_ldap.so.1 try_first_pass
wbem password required libpam_ldap.so.1 try_first_pass
NOTE: HP-UX uses the cimservera executable in HP WBEM Services to provide the
cimserver with PAM Authentication services. Refer to the Administrator’s Guide (part
number B8465-90017, chapter 3) for more information.
More about using Client Certificate-Based Authentication
Before making use of CBA, you must do the following:
1. Enable Certificate Based Authentication (CBA) using the cimconfig command.
By default, CBA is disabled. Refer to the cimconfig(1M) and cimtrust(1M)
man pages for more information.
2. Use the cimtrust command to include client certificates from the trust store in
the cimserver and associate that certificate with a system user.
3. The HTTPS connections must be enabled in order for the client to have its certificate
authenticated by HP WBEM Services.
NOTE: HP System Insight Manager (HP SIM) version 5.1 or later is able to use
Certificate-Based remote user authentication. For more information on certificate based
remote user authentication, see the HP SIM documentation.
Certificate Verification
CIM Clients
The CIM Client Interface supports the trust store and verification callback function as
the mechanisms for server certificate verification. The CIM Client applications can use
one or both of these mechanism to verify the server certificate.
wbemexec Client
The wbemexec command provides a command-line interface to a CIM server.
14 HP WBEM Services Version A.02.07 Release Notes