HP CIFS Client A.02.02 Administrator's Guide
PAM NTLM
PAM NTLM Configuration
Chapter 8 137
The following are sample pam.conf files with all three PAM NTLM
services configured. Each PAM NTLM entry consistes of a line that
refers to the shared library libpam_ntlm.1. In the authentication
management section, when PAM NTLM is used in conjunction with PAM
UNIX, it is recommended that the option try_first_pass be specified
with the PAM-UNIX entry, as shown.
WARNING If incorrect paths are used in pam.conf, it can become impossible
to login to the system. Ensure that you refer to the pam.conf file
that matches the version of HP-UX installed on your system (use
uname -r to check the version). In particular, you should add
lines to pam.conf exactly as shown without modifying paths.
Starting with versions B.11.22 of HP-UX, paths to the PAM
libraries are different than in earlier versions.
The following sample pam.conf file is for version B.11.23 of HP-UX:
Example 8-1 Sample file for HP-UX version B.11.23
=====================================================================
#
# PAM configuration
#
# Authentication management
# Note: For PA applications, /usr/lib/security/libpam_unix.so.1 is a
# symbolic link that points to the corresponding PA PAM module.
#
#
login auth sufficient /usr/lib/security/$ISA/libpam_ntlm.so.1
login auth required /usr/lib/security/$ISA/libpam_unix.so.1 try_first_pass
su auth required /usr/lib/security/$ISA/libpam_unix.so.1
dtlogin auth required /usr/lib/security/$ISA/libpam_unix.so.1
dtaction auth required /usr/lib/security/$ISA/libpam_unix.so.1
ftp auth required /usr/lib/security/$ISA/libpam_unix.so.1
OTHER auth required /usr/lib/security/$ISA/libpam_unix.so.1
#
# Account management
#
login auth sufficient /usr/lib/security/$ISA/libpam_ntlm.so.1
login account required /usr/lib/security/$ISA/libpam_unix.so.1
su account required /usr/lib/security/$ISA/libpam_unix.so.1
dtlogin account required /usr/lib/security/$ISA/libpam_unix.so.1
dtaction account required /usr/lib/security/$ISA/libpam_unix.so.1
ftp account required /usr/lib/security/$ISA/libpam_unix.so.1
#
OTHER account required /usr/lib/security/$ISA/libpam_unix.so.1
#
# Session management