Planning and Configuring HP DCE 1.8
122 Chapter6
HP-UX Integrated Login
Activating HP-UX Integrated Login
Activating HP-UX Integrated Login
The script /usr/sbin/auth.adm is provided to activate HP-UX
Integrated Login and configure a system authentication policy. Until
activated, all Integrated Login utilities retain standard HP-UX behavior.
auth.adm activates Integrated Login by creating an appropriate
/etc/pam.conf file.
For a more secure enviroment, when using HP-UX Integrated Login with
the default DCE registry, users who configure DCE as the primary login
technology should not configure UNIX as a fallback technology. See
"Configuring UX as a Fallback Technology for DCE" later in this chapter
for more information.
To activate HP-UX Integrated Login and configure an authentication
policy, follow these steps:
1. Log in as root
2. Issue the auth.adm command, as follows:
/usr/sbin/auth.adm -i[nstall] -l tech_name [-b tech_name]\
[-a tech_name[:tech_name]...]\
[-p tech_name:param=value[:param=value]...]...
where
-l tech_name specifies the authentication technology to be used for
system login. This specification is required.
ux—To specify the UNIX mechanism
dce-To specify the DCE Security Service
-b
tech_name
specifies the authentication technology to be used for
fallback login. This technology is used when the preferred login
technology is unavailable or fails. This specification is optional. If no
fallback technology is explicitly configured, there will be no fallback
login in case of unavailability or failure of the login technology.
-a
tech_name[:tech_name]
specifies the authentication technologies
from which to obtain additional credentials after system login. This
specification is optional.
-p
tech_name:param=value[:param=value]
specifies the values of
parameters applicable to an authentication technology being