Administering LDAP-UX Client Services
Integrating with Trusted Mode
•Except for the audit flag, you cannot modify other Trusted Mode properties/policies for LDAP-based accounts. For example, attempting to lock an LDAP-based account by modifying the Trusted Mode field for that user does not prevent that account from logging in to the host. Instead, you must disable the account on the LDAP server itself. No runtime warning will be given that the local locking of the account has no effect. It is important that all system administrators are properly trained, so that administrative locks on accounts have the desired effect.
Configuration Parameter
LDAP-UX Client Services provides one configuration parameter, initial_ts_auditing, available for you to configure the initial auditing setting for the LDAP-based account. This parameter is defined in the /etc/opt/ldapux/ldapux_client.conf file.
