HP UX DCE Software manual 139

HP-UX Integrated Login

Integrating DCE with HP-UX Integrated Login

•Unlike user root, the cell administrator must provide cell_admin’s password when using the HP-UX Integrated passwd to change other users’ passwords in the DCE Security Registry.

•User passwords are limited to 128 characters for ftp; otherwise, passwords can be up to 512 characters.

•HP-UX Integrated Login utilities take longer to execute and require more system resources than the HP-UX equivalents.

•For operations that do not require the user to enter a password, no DCE credentials are obtained. Examples include:

-su when executed by root

-rlogin when an .rhosts file authorizes access

-Anonymous ftp

Preparing to Integrate DCE with HP-UX Integrated Login

Before integrating DCE with HP-UX Integrated Login on a system, you must prepare as follows. You can configure DCE as either the login technology or as an additional technology.

If you plan to configure DCE as the login technology:

•Configure the system as a DCE cell member.

•Set up a valid root account in the DCE Security Registry.

•Set up valid accounts in the DCE Security Registry for all users that require login access to the cell, or local login access to cell member systems. Use either dcecp or passwd_import to set up accounts.

•Decide whether to configure ux as the fallback technology, and, if so, whether to export DCE Registry data to /etc/passwd via a passwd_export entry in your crontab file. It is recommended that you use this mechanism to keep the local password file synchronized with the DCE Registry, in the event that fallback login is needed. (See “Activating HP-UX Integrated Login” in this chapter for further information.)