Planning and Configuring HP-UX DCE 2.0

HP-UX Integrated Login

Activating HP-UX Integrated Login

Chapter 784

Activating HP-UX Integrated Login

The script /usr/sbin/auth.adm is provided to activate HP-UX

Integrated Login and configure a system authentication policy. Until

activated, all Integrated Login utilities retain standard HP-UX behavior.

auth.adm activates Integrated Login by creating an appropriate

/etc/pam.conf file.

When using HP-UX Integrated Login with the default DCE registry,

users who configure DCE as the primary login technology should not

configure UNIX as a fallback technology. See "Configuring ux as a

Fallback Technology for DCE" later in this chapter for more information.

To activate HP-UX Integrated Login and configure an authentication

policy, follow these steps:

1. Log in as root.

2. Issue the auth.adm command, as follows:

/usr/sbin/auth.adm -i[nstall] -l tech_name [-b

tech_name]\[-a tech_name[:tech_name]...]\[-p

tech_name:param=value[:param=value]...]...

where

-l tech_name specifies the authentication technology to be used for

system login. This specification is required.

ux—To specify the UNIX mechanism (/etc/passwd)dce-To specify

the DCE Security Service

-b tech_name specifies the authentication technology to be used for

fallback login. This technology is used when the preferred login

technology is unavailable or fails. This specification is optional. If no

fallback technology is explicitly configured, there will be no fallback

-a tech_name[:tech_name] specifies the authentication

technologies from which to obtain additional credentials after system