HP-UX Integrated Login

Operation of Integrated Login Utilities

Operation of Integrated Login Utilities

The Integrated Login utilities are login, dtlogin, dtsession, su, and ftpd. The passwd utility is also integrated to facilitate the manipulation of registries (such as the registries for technologies used by HP-UX Integrated Login.) The Secure Internet Services (SIS) version of ftpd is not integrated. The SIS versions of rlogin and telnet provide the integrated login service when login on the remote system requires a password.

The Integrated Login utilities attempt to first authenticate a user via the login technology. If the login technology is not available or fails, and a fallback technology is configured, the user is authenticated via the fallback technology. If none of the authentications succeed, then the user is denied access to the local system. Note that fallback will not occur if the login technology specifically denies access to a user (such as the user name is recognized, but the password is incorrect; or a time-based authorization does not allow the user to log in at that time).

After a user is successfully logged in, the Integrated Login utilities attempt to authenticate the user to all additional technologies configured. Any failure in this step is not fatal. The user is still allowed to log in and is appropriately warned of the failures.

Upon unlocking the HP-CDE session, the integrated dtsession attempts to refresh all credentials a user has obtained through integrated dtlogin.

If passwd successfully changes a user’s password in the login registry, it also attempts to make the change in the registries of all other technologies configured.

Planning and Configuring HP DCE 1.7

6-5