![](/images/backgrounds/286180/hp-hp-ux-ldap-ux-integration-software-administrators-guide-669716206x1.png)
Sample /etc/pam.ldap.trusted file
su | account required | /usr/lib/security/libpam_unix.1 |
dtlogin | account sufficient | /usr/lib/security/libpam_ldap.1 |
dtlogin | account required | /usr/lib/security/libpam_unix.1 |
dtaction | account sufficient | /usr/lib/security/libpam_ldap.1 |
dtaction | account required | /usr/lib/security/libpam_unix.1 |
ftp | account sufficient | /usr/lib/security/libpam_ldap.1 |
ftp | account required | /usr/lib/security/libpam_unix.1 |
OTHER | account sufficient | /usr/lib/security/libpam_ldap.1 |
OTHER | account required | /usr/lib/security/libpam_unix.1 |
#Session management
login | session requried | /usr/lib/security/libpam_ldap.1 |
login | session required | /usr/lib/security/libpam_unix.1 |
dtlogin | session required | /usr/lib/security/libpam_ldap.1 |
dtlogin | session required | /usr/lib/security/libpam_unix.1 |
dtaction | session required | /usr/lib/security/libpam_ldap.1 |
dtaction | session required | /usr/lib/security/libpam_unix.1 |
OTHER | session required | /usr/lib/security/libpam_ldap.1 |
OTHER | session required | /usr/lib/security/libpam_unix.1 |
# Password | management # |
|
login | password sufficient | /usr/lib/security/libpam_ldap.1 |
login | password required | /usr/lib/security/libpam_unix.1 try_first_pass |
passwd | password sufficient | /usr/lib/security/libpam_ldap.1 |
passwd | password required | /usr/lib/security/libpam_unix.1 try_first_pass |
dtlogin | password sufficient | /usr/lib/security/libpam_ldap.1 |
dtlogin | password required | /usr/lib/security/libpam_unix.1 try_first_pass |
dtaction | password sufficient | /usr/lib/security/libpam_ldap.1 |
dtaction | password required | /usr/lib/security/libpam_unix.1 try_first_pass |
OTHER | password sufficient | /usr/lib/security/libpam_ldap.1 |
OTHER | password required | /usr/lib/security/libpam_unix.1 try_first_pass |
The following is a sample PAM configuration file, /etc/pam.ldap.trusted, used for the
#
#PAM configuration
#This pam.conf file is intended as an example only.
################################################################
# This configuration file has only been modified for default | # |
# services. Other services can be added or modified as needed | # |
# or desired. If a service is not listed, it will use the | # |
# OTHER classification. | # |
# | # |
# the format for a entry is | # |
# <service> <module_type> <control> <module path> <options> | # |
# | # |
# see pam.conf(4) for more details | # |
# | # |
# NOTE: This pam.conf file is recommended only if you convert | # |
# your system to a Trusted System. If your system is in the | # |
# Standard Mode, use the pam.ldap file as an example. | # |
# | # |
# NOTE: If the path to a library is not absolute, it | is | assumed# | |
# to be relative to the directory /usr/lib/security/$ISA. | # | ||
# The “$ISA (i.e Instruction Set Architecture) token | is |
| # |
# replaced by the PAM engine (libpam) with “hpux64” for | IA | # | |
# | # | ||
# with “pa20_64” for PA | for PA | # | |
# |
|
| # |
192 | Appendix C |