08-31-2013
GSSAPI is an interface tool. It allows C code or java code to access disparate authentication systems using an identical methodology. It often runs against Kerberos.
I do not know definitely if there is a way to "turn off" something like this, but I do not believe you can. The cause is an underlying security setting for system #2. Are you using LDAP or Active Directory? Consider getting your AD folks to look at what the user account settings are with regard to the HPUX box. The authentication in your example did NOT fail, BTW.
This User Gave Thanks to jim mcnamara For This Post:
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Is there any ftp CLIENT(either freeware or sharware) can support passive mode else ncftp?
Thanks! (2 Replies)
Discussion started by: coolmans
2 Replies
2. UNIX for Dummies Questions & Answers
How do i disable anonymous ftp on a unix system?????? Please help!!!!!!!1 (2 Replies)
Discussion started by: rrivas
2 Replies
3. UNIX for Advanced & Expert Users
Hi there, how can i disable the possibility of accessing hp-ux with ftp in the web browser?
is there any way to do this?
thanks (2 Replies)
Discussion started by: vascobrito
2 Replies
4. UNIX for Dummies Questions & Answers
These are the warning messages I am getting but the FTP works fine.How do I get rid of these?
220 FTP server (SunOS 5.8) ready.
500 'AUTH GSSAPI': command not understood.
500 'AUTH KERBEROS_V4': command not understood.
KERBEROS_V4 rejected as an authentication type (0 Replies)
Discussion started by: csviking
0 Replies
5. AIX
Hello,
I have AIX machine communication to mainframe machine. From AIX machine, i have to use always SSH communication. For this, i have created SSH tunnel in AIX machine and using FTP with SSH.
Now both connections are working:
1) only FTP to mainframe machine
2) create SSH and do FTP... (3 Replies)
Discussion started by: balareddy
3 Replies
6. Solaris
HI all,
I am using Solaris 10 and would like to know if it possible to disable ftp use for a single entry in my /etc/hosts file.
Thanks (5 Replies)
Discussion started by: pxy2d1
5 Replies
7. Solaris
Configure ldap client:
I have configured my ldapclient with the AuthenticationMethod=simple and with the credentialLevel=proxy. However, as soon as i want to set the AuthenticationMethod=sasl/GSSAPI, and credentiallevel=self, then it fails to configure. Kerberos is already setup successfully. The... (0 Replies)
Discussion started by: Henk Trumpie
0 Replies
8. HP-UX
hi everybody,
I can easily enable /disable the FTP service from SAM, how can I do this via command line? using inetd? how?
cheers,
messi (1 Reply)
Discussion started by: messi777
1 Replies
9. Red Hat
Hi Experts,
While trying ftp from newly setup Linux box it is giving following error.
GSSAPI error major:Unspecified GSS failure.Minor code may provide more information
GSSAPI error minor:Unknown code krb5 195
GSSAPI error:initializing context
GSSAPI authntication failed
504 AUTH... (1 Reply)
Discussion started by: sai_2507
1 Replies
10. Solaris
Running Solaris 10. For FTP users or groups, I want to prevent them from creating new subdirectories, but I still want to allow them to create, upload, download files from the subdirs.
I understand how to set the general file/directory permissions -- read, write, execute. So for a directory,... (0 Replies)
Discussion started by: themonman
0 Replies
LEARN ABOUT HPUX
pam_acct_mgmt
pam_acct_mgmt(3) Library Functions Manual pam_acct_mgmt(3)
NAME
pam_acct_mgmt() - perform PAM account validation procedures
SYNOPSIS
[ flag ... ] file ... [ library ... ]
DESCRIPTION
The function is called to determine if the current user's account is valid. This includes checking for password expiration, account expi-
ration, account locks and access hour restrictions. This function is typically called after the user has been authenticated with See
pam_authenticate(3).
The pamh argument is an authentication handle obtained by a prior call to The following flags may be set in the flags field:
The account management service should not generate any messages
The account management service should return if the user has a null authentication token.
APPLICATION USAGE
Refer to pam(3) for information on thread-safety of PAM interfaces.
RETURN VALUE
Upon successful completion, is returned. In addition to the error return values described in pam(3), the following values may be returned:
User not known to underlying account management module.
Access permission is denied.
New authentication token required. This is normally returned if the machine
security policies require that the password should be changed because the password is NULL or it has aged.
User account has expired.
User account has been disabled (trusted mode only).
Terminal has been disabled (trusted mode only).
User is not authorized for terminal access (trusted mode only).
Wrong time to login (trusted mode only).
WARNINGS
HP-UX 11i Version 3 is the last release to support trusted systems functionality.
SEE ALSO
pam(3), pam_start(3), pam_sm_acct_mgmt(3), pam_authenticate(3).
pam_acct_mgmt(3)