LDAP-UX Client Services B.04.00 Administrator's Guide
Administering LDAP-UX Client Services
Integrating with Trusted Mode
Chapter 4108
• Except for the audit flag, you cannot modify other Trusted Mode
properties/policies for LDAP-based accounts. For example,
attempting to lock an LDAP-based account by modifying the Trusted
Mode field for that user does not prevent that account from logging in
to the host. Instead, you must disable the account on the LDAP
server itself. No runtime warning will be given that the local locking
of the account has no effect. It is important that all system
administrators are properly trained, so that administrative locks on
accounts have the desired effect.
Configuration Parameter
LDAP-UX Client Services provides one configuration parameter,
initial_ts_auditing, available for you to configure the initial auditing
setting for the LDAP-based account. This parameter is defined in the
/etc/opt/ldapux/ldapux_client.conf file.