Planning and Configuring HP DCE 1.8

Chapter 6 121

HP-UX Integrated Login

Operation of Integrated Login Utilities

The Integrated Login utilities are login, dtlogin, dtsession, su, rcp,

remsh, and ftp. The passwd utility is also integrated to facilitate the

manipulation of registries (such as the registries for technologies used by

HP-UX Integrated Login.) The Secure Internet Services (SIS) version of

ftp is not integrated. The SIS versions of rlogin and telnet provide the

integrated login service when login on the remote system requires a

password.

• The Integrated Login utilities attempt to ﬁrst authenticate a user via

the login technology. If the login technology is not available or fails,

and a fallback technology is conﬁgured, the user is authenticated via

the fallback technology. If none of the authentications succeed, then

the user is denied access to the local system. Note that fallback will

not occur if the login technology speciﬁcally denies access to a user

(such as the user name is recognized, but the password is incorrect; or

a time-based authorization does not allow the user to log in at that

time).

• Based on the conﬁguration, after a user is successfully logged in, the

Integrated Login utilities attempt to authenticate the user to all

additional technologies conﬁgured. Any failure in this step is not

fatal. The user is still allowed to log in and is appropriately warned of

the failures.

• Upon unlocking the HP-CDE session, the integrated dtsession

attempts to refresh all credentials a user has obtained through

integrated dtlogin.

•Ifpasswd successfully changes a user's password in the login

registry, it also attempts to make the change in the registries of all

other technologies conﬁgured.