LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
login account required libpam_ldap.so.1
su account required libpam_hpsec.so.1
su account required libpam_authz.so.1 policy=/etc/opt/ldapux/su.policy
su account sufficient libpam_unix.so.1
su account required libpam_ldap.so.1
dtlogin account required libpam_hpsec.so.1
dtlogin account required libpam_authz.so.1 policy=/etc/opt/ldapux/login.policy
dtlogin account sufficient libpam_unix.so.1
dtlogin account required libpam_ldap.so.1
dtaction account required libpam_hpsec.so.1
dtaction account required libpam_authz.so.1 policy=/etc/opt/ldapux/su.policy
dtaction account sufficient libpam_unix.so.1
dtaction account required libpam_ldap.so.1
ftp account required libpam_hpsec.so.1
ftp account required libpam_authz.so.1 policy=/etc/opt/ldapux/ftp.policy
ftp account sufficient libpam_ldap.so.1
ftp account required libpam_unix.so.1
rcomds account required libpam_hpsec.so.1
rcomds account required libpam_authz.so.1 policy=/etc/opt/ldapux/login.policy
rcomds account sufficient libpam_unix.so.1
rcomds account required libpam_ldap.so.1 rcommand
sshd account required libpam_hpsec.so.1
sshd account required libpam_authz.so.1 policy=/etc/opt/ldapux/login.policy
sshd account sufficient libpam_unix.so.1
sshd account required libpam_ldap.so.1 rcommand
OTHER account required libpam_hpsec.so.1
OTHER account required libpam_authz.so.1 etc/opt/ldapux/login.policy
OTHER account sufficient libpam_unix.so.1
OTHER account required libpam_ldap.so.1
# Session management
#
login session required libpam_hpsec.so.1
login session sufficient libpam_unix.so.1
login session required libpam_ldap.so.1
dtlogin session required libpam_hpsec.so.1
dtlogin session sufficient libpam_unix.so.1
dtlogin session required libpam_ldap.so.1
dtaction session required libpam_hpsec.so.1
dtaction session sufficient libpam_unix.so.1
dtaction session required libpam_ldap.so.1
ftp session required libpam_hpsec.so.1 bypass_limit_login
bypass_umask bypass_nologin
ftp session sufficient libpam_unix.so.1
ftp session required libpam_ldap.so.1
rcomds session required libpam_hpsec.so.1 bypass_limit_login
rcomds session sufficient libpam_unix.so.1
rcomds session required libpam_ldap.so.1
sshd session required libpam_hpsec.so.1
sshd session sufficient libpam_unix.so.1
sshd session required libpam_ldap.so.1
OTHER session required libpam_hpsec.so.1
OTHER session sufficient libpam_unix.so.1
OTHER session required libpam_ldap.so.1
# Password management #
login password required libpam_hpsec.so.1
login password sufficient libpam_unix.so.1
login password required libpam_ldap.so..1 try_first_pass
passwd password required libpam_hpsec.so.1
passwd password sufficient libpam_unix.so.1
passwd password required libpam_ldap.so.1 try_first_pass
dtlogin password required libpam_hpsec.so.1
dtlogin password sufficient libpam_unix.so.1
dtlogin password required libpam_ldap.so.1 try_first_pass
sshd password required libpam_hpsec.so.1
sshd password sufficient libpam_unix.so.1
sshd password required libpam_ldap.so.1 try_first_pass
OTHER password required libpam_hpsec.so.1
OTHER password sufficient libpam_unix.so.1
OTHER password required libpam_ldap.so..1 try_first_pass
D.5 Sample PAM configuration file for security policy enforcement in an HP server environment 431