Manualshelf

Planning and Configuring HP DCE 1.8

ManualsBrandsHP ManualsSoftwareHP-UX DCE Software
131132133134135136137138139140
134 Chapter6
HP-UX Integrated Login
Integrating DCE with HP-UX Integrated Login
to run passwd_export in case the DCE registry is unavailable.
If NSS-DCE is activated, auth.adm saves the current version of
/etc/nsswitch.conf and creates a new version, which has the same
semantics as the configuration policy. For example, if you are configuring
integrated login with DCE as the primary login and UNIX as the
fallback, then /etc/nsswitch.conf will also use DCE as the primary
repository for user information and will use UNIX (/etc/passwd orthe
repository based on the NSS configuraion) as the fallback repository for
cases where the primary is unavailable.
To enhance performance, NSS-DCE caches information it retrieves from
the DCE registry. The cached information is considered valid for a
certain number of seconds (called tstale), after which time it becomes
stale. The default setting for tstale is 60 seconds, and this can be
configured by the user by setting the environment variable
NSSDCE_CACHE_TSTALE (the stale time in seconds). If the user
desires to disable the caching facility completely,
NSSDCE_CACHE_TSTALE can be set to 0 seconds (zero).
During this process you are asked whether or not you want to set up a
cron job to export information from the DCE Security Registry to
/etc/passwd. If you choose to set up the cron job, the activation process
also:
Saves the /etc/passwd file in /etc/passwd.nodce and the
/etc/group file in /etc/group.nodce (if these files do not already
exist).
Executes passwd_export as a cron command. If NSS-DCE is
activated, this cron job is run once every day. Otherwise, it is run
once every hour. You can adjust this frequency by using the
crontab(1) command. Frequencies greater than once per hour are
not recommended.
Activation terminates with an error message when any of these steps
fails.
Configuring ux as a Fallback Technology for DCE
You can configure ux as a fallback technology to allow system access
when DCE, as a login technology, is not available (DCE down or network
problem). If you wish to replicate information of the DCE Security
Registry in /etc/passwd, do the following: