Planning and Configuring HP-UX DCE 2.0
HP-UX Integrated Login
Integrating DCE with HP-UX Integrated Login
Chapter 7 93
• Unlike user root, the cell administrator must provide cell_admin's
password when using the HP-UX Integrated passwd to change other
users' passwords in the DCE Security Registry.
• User passwords are limited to 128 characters for ftp; otherwise,
passwords can be up to 512 characters.
• HP-UX Integrated Login utilities take longer to execute and require
more system resources than the HP-UX equivalents.
• For operations that do not require the user to enter a password, no
DCE credentials are obtained. Examples include:
- su when executed by root
- rlogin when an.rhosts file authorizes access
- Anonymous ftp
Preparing to Integrate DCE with HP-UX Integrated
Login
Before integrating DCE with HP-UX Integrated Login on a system, you
must prepare as follows. You can configure DCE as either the login
technology or as an additional technology.
If you plan to configure DCE as the login technology:
• Configure the system as a DCE cell member.
• Set up a valid root account in the DCE Security Registry.
• Set up valid accounts in the DCE Security Registry for all users that
require login access to the cell, or local login access to cell member
systems. Use either dcecp or passwd_import to set up accounts.
• Decide whether to configure ux as the fallback technology, and, if so,
whether to export DCE Registry data to /etc/passwd via a
passwd_export entry in your crontab file. It is recommended that
you use this mechanism to keep the local password file synchronized
with the DCE Registry, in the event that fallback login is needed.
(See "Activating HP-UX Integrated Login" in this chapter for further
information.)