Configuration Guide for Kerberos Client Products on HP-UX

Introduction to the Kerberos Products and GSS-API

PAM Kerberos

Chapter 248

The pam.conf File on HP-UX 11i v2 and HP-UX 11i v3

# For per user configuration the libpam_updbe.1 (pam_updbe(5)) module

# must be the first module in the stack. If Kerberos authentication

# is valid the UNIX authentication function will not be invoked.

The pam_krb5 File on HP-UX 11.0 and HP-UX 11i v1

The pam_krb5 File on HP-UX 11i v2 and HP-UX 11i v3

The pamkrbval Tool

Use the pamkrbval tool to validate your PAM Kerberos configuration.

This tool verifies PAM Kerberos configuration files and enables the

system administrator to diagnose the problem, if any. Following are the

files, the pamkrbval tool verifies:

• /etc/pam.conf

• /etc/pam_user.conf

• /etc/krb5.conf

• /etc/krb5.keytab

This tool also checks if the default realm KDC is up and running.

The pamkrbval tool validates the following: