LDAP-UX Client Services B.04.15 Administrator's Guide
# the format for a entry is #
# <service> <module_type> <control> <module path> <options>
# #
# # see pam.conf (4) for more details
# #
# ################################################################
# # Authentication management # login auth required
libpam_hpsec.so.1 login auth sufficient libpam_unix.so.1
login auth required libpam_ldap.so.1 try_first_pass
su auth required libpam_hpsec.so.1 su auth
sufficient libpam_unix.so.1 su auth required
libpam_ldap.so.1 try_first_pass dtlogin auth required libpam_hpsec.so.1
dtlogin auth sufficient libpam_unix.so.1 dtlogin auth
required libpam_ldap.so.1 try_first_pass dtaction auth required
libpam_hpsec.so.1 dtaction auth sufficient libpam_unix.so.1
dtaction auth required libpam_ldap.so.1 try_first_pass
ftp auth required libpam_hpsec.so.1 ftp auth
sufficient libpam_unix.so.1 ftp auth required libpam_ldap.so.1
try_first_pass rcomds auth required libpam_hpsec.so.1
rcomds auth sufficient libpam_unix.so.1 rcomds auth
required libpam_ldap.so.1 try_first_pass sshd auth required
libpam_hpsec.so.1 sshd auth sufficient libpam_unix.so.1
sshd auth required libpam_ldap.so.1 try_first_pass OTHER
auth sufficient libpam_unix.so.1 OTHER auth required
libpam_ldap.so.1 try_first_pass # Account management # login
account required libpam_hpsec.so.1 login account required
libpam_authz.so.1 login account sufficient libpam_unix.so.1
login account required libpam_ldap.so.1 su account
required libpam_hpsec.so.1 su account sufficient libpam_unix.so.1
su account required libpam_ldap.so.1 dtlogin account
required libpam_hpsec.so.1 dtlogin account sufficient libpam_unix.so.1
dtlogin account required libpam_ldap.so.1 dtaction account
required libpam_hpsec.so.1 dtaction account sufficient libpam_unix.so.1
dtaction account required libpam_ldap.so.1 ftp account
required libpam_hpsec.so.1 ftp account sufficient libpam_ldap.so.1
ftp account required libpam_unix.so.1 rcomds account
required libpam_hpsec.so.1 rcomds account required libpam_authz.so.1
rcomds account sufficient libpam_unix.so.1 rcomds account
required libpam_ldap.so.1 rcommand sshd account required
libpam_hpsec.so.1 sshd account required libpam_authz.so.1
sshd account sufficient libpam_unix.so.1 sshd account
required libpam_ldap.so.1 rcommand OTHER account sufficient
libpam_unix.so.1 OTHER account required libpam_ldap.so.1
# Session management # login session required libpam_hpsec.so.1
login session sufficient libpam_unix.so.1 login session
required libpam_ldap.so.1 dtlogin session required libpam_hpsec.so.1
dtlogin session sufficient libpam_unix.so.1 dtlogin session
required libpam_ldap.so.1 dtaction session required libpam_hpsec.so.1
dtaction session sufficient libpam_unix.so.1 dtaction session
required libpam_ldap.so.1 ftp session required libpam_hpsec.so.1
bypass_limit_login bypass_umask bypass_nologin
ftp session sufficient libpam_unix.so.1 ftp session
required libpam_ldap.so.1 rcomds session required libpam_hpsec.so.1
bypass_limit_login rcomds session sufficient libpam_unix.so.1
rcomds session required libpam_ldap.so.1 sshd session
required libpam_hpsec.so.1 sshd session sufficient libpam_unix.so.1
sshd session required libpam_ldap.so.1 OTHER session
sufficient libpam_unix.so.1 OTHER session required libpam_ldap.so.1
# Password management # login password required libpam_hpsec.so.1
login password sufficient libpam_unix.so.1 login password
required libpam_ldap.so..1 try_first_pass passwd password
required libpam_hpsec.so.1 passwd password sufficient libpam_unix.so.1
passwd password required libpam_ldap.so.1 try_first_pass
dtlogin password required libpam_hpsec.so.1 dtlogin password
sufficient libpam_unix.so.1 dtlogin password required libpam_ldap.so.1
try_first_pass sshd password required libpam_hpsec.so.1
sshd password sufficient libpam_unix.so.1 sshd
password required libpam_ldap.so.1 try_first_pass OTHER
password sufficient libpam_unix.so.1 OTHER password
required libpam_ldap.so.1 try_first_pass
250 Sample /etc/pam.conf File for Security Policy Enforcement