Manualshelf

Planning and Configuring HP-UX DCE 2.0

ManualsBrandsHP ManualsSoftwareHP-UX DCE Software
919293949596979899100
HP-UX Integrated Login
Integrating DCE with HP-UX Integrated Login
Chapter 7 99
DCE allows cell_admin to change the password of any other
principal. However, UNIX does not allow this behavior. Therefore, if
a user logs in as cell_admin and tries to change another user's
password, the following message will display:
Password successfully changed in DCE registryPermission
denied.
As shown in the preceding message, the password has been changed
in DCE, but not in /etc/passwd. To resynchronize the
passwords, the user must login as root and run the passwd
-r files command. This command changes the password in
the /etc/passwd file only.
UNIX allows the root user to su to any other user's account without
prompting root for a password. DCE, however, cannot issue
credentials without a password. Therefore, the su operation will
appear to succeed, but the new user will not have DCE credentials.
Unconfiguring DCE from HP-UX Integrated Login
To unconfigure DCE without deactivating HP-UX Integrated Login,
perform the steps in the section "Activating HP-UX Integrated Login",
and specify a different authentication policy. To unconfigure DCE and
deactivate HP-UX Integrated Login, follow the steps in the section
"Deactivating HP-UX Integrated Login."
Notes, Cautions, and Warnings About Using HP-UX
Integrated Login with DCE
After configuring HP-UX Integrated Login with DCE as the login
technology, do not activate HP Commercial Security. For Integrated
Login support of Commercial Security and how to configure it, see
Notes, Cautions, and Warnings on page 89".
In previous releases, when ilogin was activated with DCE as the
primary authentication technology, the chsh and chfn commands
transparently changed the shell and finger information in the DCE
registry. From HP-UX 11.0 onwards, the chsh and chfn utilities are
no longer transparently integrated with ilogin. chsh -r dce and
chfn -r dce must be used for this purpose. Alternately, one can
also use the passwd -r dce -e and passwd -r dce -g commands.
For further information, refer to the manpages for chsh, chfn, or
passwd.