Installing And Configuring LDAP-UX Client Services

 

 

Use r-command for PAM_LDAP

dtlogin

account required

libpam_hpsec.so.1

dtlogin

account sufficient

libpam_unix.so.1

dtlogin

account required

libpam_ldap.so.1

dtaction

account required

libpam_hpsec.so.1

dtaction

account sufficient

libpam_unix.so.1

dtaction

account required

libpam_ldap.so.1

ftp

account required

libpam_hpsec.so.1

ftp

account sufficient

libpam_unix.so.1

ftp

account required

libpam_ldap.so.1

rcomds

account required

libpam_hpsec.so.1

rcomds

account sufficient

libpam_unix.so.1

rcomds

account required

libpam_ldap.so.1 rcommand

sshd

account required

libpam_hpsec.so.1

sshd

account sufficient

libpam_unix.so.1

sshd

account required

libpam_ldap.so.1

OTHER

account sufficient

libpam_unix.so.1

OTHER

account required

libpam_ldap.so.1

CAUTION

Setting user password to be returned as any string for the hidden

 

password, and turning on the “rcommand” option for pam_ldap

 

account management could allow users with active accounts on a

 

remote host to rlogin to the local host on to a disabled account.

 

 

Chapter 2

77

Page 91
Image 91
HP UX LDAP-UX Integration Software manual Password, and turning on the rcommand option for pamldap