Manualshelf

Planning and Configuring HP DCE 1.8

ManualsBrandsHP ManualsSoftwareHP-UX DCE Software
131132133134135136137138139140
Chapter 6 137
HP-UX Integrated Login
Integrating DCE with HP-UX Integrated Login
Unconfiguring DCE from HP-UX Integrated Login
To unconfigure DCE without deactivating HP-UX Integrated Login,
perform the steps in the section "Activating HP-UX Integrated Login",
and specify a different authentication policy. To unconfigure DCE and
deactivate HP-UX Integrated Login, follow the steps in the section
"Deactivating HP-UX Integrated Login."
Notes, Cautions, and Warnings About Using HP-UX
Integrated Login with DCE
After configuring HP-UX Integrated Login with DCE as the login
technology, do not activate HP Commercial Security. For Integrated
Login support of Commercial Security and how to configure it, see
"Notes, Cautions, and Warnings".
In previous releases, when ilogin was activated with DCE as the
primary authentication technology, the chsh and chfn commands
transparently changed the shell and finger information in the DCE
registry. At 11i, the chsh and chfnutilities are no longer
transparently integrated with ilogin. chsh -r dce and chfn -r dce
must be used for this purpose. Alternately, one can also use the
passwd -r dce -e and passwd -r dce -g commands. For further
information, refer to the man pages for chsh, chfn, or passwd.
If the passwd_export cron job has been set up and DCE becomes
unavailable, the cron job will fail and generate an e-mail error
message. To stop these error messages, remove the cron job by
unconfiguring DCE from HP-UX Integrated Login after you stop or
remove DCE.
If you have set up a passwd_export cron job to update /etc/passwd
with DCE Registry data, any changes you make to /etc/passwd will
be lost when the cron job updates/etc/passwd.
When DCE is unavailable and HP-UX Integrated Login is configured
to fall back to /etc/passwd, if /etc/passwd has been updated with
information from the DCE Security Registry, and the first 8
characters of the password a user enters at login match the first 8
characters of that user's DCE password, then the login will succeed
even though the password entered may not be identical to the DCE
password. The user will not, however, have DCE credentials.
If you are logged in to DCE from a foreign cell, note that you cannot