HP-UX PAM RADIUS A.01.00 Release Notes

If the authentication token that must be set as

PAM_AUTHTOK in the PAM handle is not

available, then the module ignores this option.

Account Management Module

The HP-UX PAM RADIUS account management module provides functions to manage

user accounts.

NOTE: Account management (tasks such as user's password and account verification

by checking the password and account expiration, and log-in time validation) is not

defined under RADIUS protocol standard. Therefore, this module returns

PAM_SUCCESS. The functions in this module are supported only for the naming

convention as per the PAM framework.

You can set the debug option in the /etc/pam.conf file. The debug option is passed

to the HP-UX PAM RADIUS account management module. For more information on

the debug option, see the option information listed in “Authentication Module”

(page 4).

Session Management Module

The HP-UX PAM RADIUS session management module provides the following

functions:

• The pam_sm_open_session () function, which initiates sessions

• The pam_sm_close_session () function, which terminates sessions

A RADIUS Accounting-Start message is sent to the RADIUS server when the

session is opened and an Accounting-Stop message is sent to the RADIUS server

when the session is terminated.

The following options can be set to the session management module through the

/etc/pam.conf file:

• debug

• default_realm=<realm name>

• conf=<filename>

• clientid=<clientID>

• retry=<retrycount>

• localifdown

For more information on these options, see “Authentication Module” (page 4).

Known Problems and Limitations

There are no known problems and limitations in the HP-UX PAM RADIUS A.01.00

software.