LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
rcomds session required libpam_hpsec.so.1 bypass_limit_login
rcomds session sufficient libpam_krb5.so.1
rcomds session required libpam_unix.so.1
sshd session required libpam_hpsec.so.1
sshd session sufficient libpam_krb5.so.1
sshd session required libpam_unix.so.1
OTHER session sufficient libpam_krb5.so.1
OTHER session required libpam_unix.so.1
#
# Password management
#
login password required libpam_hpsec.so.1
login password sufficient libpam_krb5.so.1
login password required libpam_unix.so.1 try_first_pass
passwd password required libpam_hpsec.so.1
passwd password sufficient libpam_krb5.so.1
passwd password required libpam_unix.so.1 try_first_pass
dtlogin password required libpam_hpsec.so.1
dtlogin password sufficient libpam_krb5.so.1
dtlogin password required libpam_unix.so.1 try_first_pass
sshd password required libpam_hpsec.so.1
sshd password sufficient libpam_krb5.so.1
sshd password required libpam_unix.so.1 try_first_pass
OTHER password sufficient libpam_krb5.so.1
OTHER password required libpam_unix.so.1 try_first_pass
C.3 ldapux_client.conf file after autosetup configuration
The autosetup script creates the startup file /etc/opt/ldapux/ldapux_client.conf on
the LDAP-UX client system, enabled for TLS support (enable_startTLS is set to 1). The following
shows the ldapux_client.conf that is configured by autosetup. The same file is created
for both HP server and Windows ADS environments.
LDAP-UX Client Services Configuration File
# file name: /etc/opt/ldapux/ldapux_client.conf
#
# This file contains two sections of information.
# The first, the [NSS] section, contains the general configuration
# for the LDAP-UX Client Services product. You can edit the
# configuration file to turn the configuration flags on and off.
# The second, the [profile] section, is generated either from the
# create_profile entry or the setup program.
# If you are an experienced administrator, you may edit this file.
# If the information in this file is not accurate, however, you will
# not be able to retrieve the Configuration Profile entry.
#
# Non-LDAP-UX Integration applications can take advantage of this file
# and the profile management tools. You should add the general
# configuration under the section for your product as was done in the
# [NSS] section, and your application will process the configuration
# under that section.
#
# Your application can call the profile management tools to retrieve
# the profile from the Directory Server and run a specific program to
# your application afterwards.
[NSS]
# This section processes all general configuration flags for LDAP-UX
# Integration.
# To enable logging:
#
# *uncomment the log_facility and log_level
# *modify the values if appropriate.
#
# Logging uses the syslog facility. You may have to modify the syslog
# Configuration and signal the syslog daemon to accept the log_facility
# and log_level configured here. See man syslogd(1M) for information on
# using syslog.
#
# LOG_INFO will log only unusual events. LOG_DEBUG logs trace information,
# and will reduce performance and generate large log files on active systems.
#
414 Samples of LDAP-UX configuration files created or modified by autosetup