Manualshelf

LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
421422423424425426427428429430
OTHER password required libpam_hpsec.so.1
OTHER password sufficient libpam_krb5.so.1
OTHER password required libpam_unix.so.1 try_first_pass
D.3 Sample pam.conf file for Trusted Mode in an HP server environment
This section provides the sample PAM configuration file, /etc/pam.ldap.trusted. This file
must be used as the /etc/pam.conf file if your directory server is the HP-UX Directory Server or
Red Hat Directory Server and your LDAP client is in Trusted Mode. Placing PAM_LDAP before
PAM_UNIX enables PAM_LDAP to generate necessary audit files used by PAM_UNIX and Trusted
Mode. If your system is in Standard Mode, you should still use /etc/pam.ldap or a similar file
as the /etc/pam.conf file.
The following is a sample PAM configuration file, /etc/pam.ldap.trusted.
#
# PAM configuration
#
# This pam.conf file is intended as an example only.
#
#
################################################################
# This configuration file has only been modified for default #
# services. Other services can be added or modified as needed #
# or desired. If a service is not listed, it will use the #
# OTHER classification. #
# #
# the format for a entry is #
# <service> <module_type> <control> <module path> <options> #
# #
# see pam.conf(4) for more details #
# #
# NOTE: This pam.conf file is recommended only if you convert #
# your system to a Trusted System. If your system is in the #
# Standard Mode, use the pam.ldap file as an example. #
# #
# NOTE: If the path to a library is not absolute, it is assumed#
# to be relative to the directory /usr/lib/security/$ISA. #
# The "$ISA (i.e Instruction Set Architecture) token is #
# replaced by the PAM engine (libpam) with "hpux64" for IA #
# 64-bit modules, or with "hpux32" for IA 32-bit modules, or #
# with "pa20_64" for PA 64-bit modules, or with NULL for PA #
# 32-bit modules. #
# For PA applications, library name ending with "so.1" is a #
# symbolic link that points to the corresponding PA (32 or 64 #
# bit) backend library. #
################################################################
#
# Authentication management
#
login auth required libpam_hpsec.so.1
login auth sufficient libpam_ldap.so.1
login auth required libpam_unix.so.1 try_first_pass
su auth required libpam_hpsec.so.1
su auth sufficient libpam_ldap.so.1
su auth required libpam_unix.so.1 try_first_pass
dtlogin auth required libpam_hpsec.so.1
dtlogin auth sufficient libpam_ldap.so.1
dtlogin auth required libpam_unix.so.1 try_first_pass
dtaction auth required libpam_hpsec.so.1
dtaction auth sufficient libpam_ldap.so.1
dtaction auth required libpam_unix.so.1 try_first_pass
ftp auth required libpam_hpsec.so.1
ftp auth sufficient libpam_ldap.so.1
426 Sample PAM configuration (pam.conf) files