LDAP-UX Client Services B.04.10 with Microsoft Windows Active Directory Server Administrator's Guide
rcomds account required /usr/lib/security/libpam_authz.1
rcomds account sufficient /usr/lib/security/libpam_krb5.1
rcomds account required /usr/lib/security/libpam_unix.1
sshd account required /usr/lib/security/libpam_authz.1
sshd account sufficient /usr/lib/security/libpam_krb5.1
sshd account required /usr/lib/security/libpam_unix.1
OTHER account required /usr/lib/security/libpam_unix.1
#
# Session management
#
login session sufficient /usr/lib/security/libpam_krb5.1
login session required /usr/lib/security/libpam_unix.1
dtlogin session sufficient /usr/lib/security/libpam_krb5.1
dtlogin session required /usr/lib/security/libpam_unix.1
dtaction session sufficient /usr/lib/security/libpam_krb5.1
dtaction session required /usr/lib/security/libpam_unix.1
OTHER session required /usr/lib/security/libpam_unix.1
#
# Password management
#
login password sufficient /usr/lib/security/libpam_krb5.1
login password required /usr/lib/security/libpam_unix.1
passwd password sufficient /usr/lib/security/libpam_krb5.1
passwd password required /usr/lib/security/libpam_unix.1
dtlogin password sufficient /usr/lib/security/libpam_krb5.1
dtlogin password required /usr/lib/security/libpam_unix.1
dtaction password sufficient /usr/lib/security/libpam_krb5.1
dtaction password required /usr/lib/security/libpam_unix.1
OTHER password required /usr/lib/security/libpam_unix.1
The following is a sample PAM configuration file used on the HP-UX 11i v2 system.
#
#
# PAM configuration
#
# This pam.conf file is intended as an example only.
# see pam.conf(4) for more details
#
################################################################
# This sample file will authenticate the user who belongs to #
# either Kerberos or Unix system. Using this configuration file#
# if the user is authenticated through Kerberos then the Unix #
# authentication will not be invoked. However,if the Kerberos #
# authentication fails for the user, then the fallback #
# authentication mechanism PAM-Unix will be invoked to #
# authenticate the user. The assumption is the user is either #
# present in Kerberos or in Unix system. #
# #
# In case, the administrator wants the password for all the #
# users to be synchronous between Kerberos and Unix systems, #
# then the control flag should to be set to "required" for all #
# the entries with user_first_pass option set for pam_unix. #
# If password synchronization is optional then try_first_pass #
# option need to be set for pam_unix, so that the user can #
# login using the appropriate passwords. #
# #
# The module pam_hpsec(5) is stacked as mandatory module above #
# all the modules for making security checks before #
# authentication. #
################################################################
#
# Authentication management
204 Sample PAM Configuration File for Security Policy Enforcement