Integrating DCE with
Activation terminates with an error message when any of these steps fails.
Configuring ux as a Fallback Technology for
DCE
You can configure ux as a fallback technology to allow system access when DCE, as a login technology, is not available (DCE down or network problem). If you wish to replicate information of the DCE Security Registry in /etc/passwd, do the following:
• Make sure the DCE Security Registry is not set up to hide exported
| passwords. When exported passwords are hidden, passwd_export |
| does not export the encrypted passwords from the DCE Security |
| Registry to /etc/ passwd. You can verify this property of the DCE |
| Security Registry by running dcecp and issuing the command |
| registry show at the prompt. You can disable hidden passwords by |
| issuing the command registry modify |
| To change this property, you must have cell_admin DCE credentials. |
| If you wish to take advantage of the increased security provided by the |
NOTE | |
| DCE Security Registry hidden passwords policy, do not configure ux as a |
| fallback technology. Specify DCE as the primary login technology, with |
| no fallback login technology. |
|
|
•Set up a cron job to export information from the DCE Security Registry to /etc/passwd. You are asked, during the activation process, whether or not to set up such a cron job. With your approval, a passwd_export cron job is set up. If
•If you wish to prevent a certain user from logging in to the local system, create an entry for that user in the passwd_override file and place the word “OMIT” in the password field of the entry. passwd_export will exclude those entries from /etc/passwd when transferring information from the DCE Security Registry.
Users who configure DCE as the primary login and UNIX as the backup technology should be aware that the UNIX backend is useful as a backup only for names and passwords that meet UNIX requirements,
Planning and Configuring HP DCE 1.7 |