DCE Authentication timeout value in aix.

10 More Discussions You Might Find Interesting

1. AIX

Samba 3.6 on AIX 7.1 - Windows 10 Access to AIX file shares using Active Directory authentication

I am running AIX 7.1 and currently we have samba 3.6.25 installed on the server. As it stands some AIX folders are shared that can be accessed by certain Windows users. The problem is that since Windows 10 the guest feature no longer works so users have to manually type in their Windows login/pwd...

2. AIX

AIX 5.3 NFS export not mounting, rpcinfo hang/timeout on server

Been trying to get a directory NFS-mounted with no success. I've tried both NFS v3 and v4, but currently trying v4. I can't figure out what's going on here. server: sbkovwadmd01 sbkovwadmd01# chnfsdom Current local domain: edw.dev sbkovwadmd01# lssrc -a | grep nfs | grep active nfsd ...

3. AIX

AIX ssh timeout

I have to make a command to work when connecting to AIX 7.1 (used by an internal software). I have a linux server L where the following command is runned ssh -t <aix-server-ip> ls For a <non-aix-server-ip> the command runs successfully. For AIX the terminal just gets blocked. ssh connection...

4. AIX

SSH and kerberos authentication problem AIX 5.3

I've configured an AIX 5.3 client to use our Windows AD for user authentication via Kerberos. When I try to ssh to the server using the AD credentials, I eventually get access but not after getting prompted for a password 3 times (which doesn't work) followed by an accepted login on the 4th...

5. AIX

AIX and radius authentication

We want to use RADIUS to authenticate our AIX server logins. Can anybody tell me how to set on AIX server up to use a Radius server to authenticate or point me to documentation on setting up AIX to use Radius to authenticate user login. Our problem is that we have a few users that access our...

6. AIX

How to change the order of authentication in aix?

I have an AIX system configured as NIS client. I have an local user on the system called "batman" and i have a user by the same name in NIS as well. Now when i try to login with Batman user, the local batman gets in. How do I tell the AIX machine to authenticate Batman as NIS user? ...

7. AIX

AIX: How to check which authentication method we are using for a user?

In /etc/security/user, we can set which authentication method we use for each user. for example: test: admin = false rlogin = false SYSTEM = "NONE" I want to test whether SYSTEM=NONE (without ") is acceptable. How can I verify it? and How can we check which...

8. AIX

ftp timeout valiue in AIX 5.3 server !

Dear Friends, I am using AIX 5.3 server . In AIX , I want to increase the timeout value of the ftp service . But I cannot find any configuration file with ftp related in AIX 5.3 server . Would anybody plz tell me , How can I increase the default timeout value in AIX ?

9. UNIX for Advanced & Expert Users

AIX password authentication very slow

AIX password authentication very slow I installed and already removed openssh and our login on the aix box very slow. It takes 30 seconds to get the password authenticated. How can i debug this problem? and what might be the reason. It was working fine until i tried to get openssh...

10. UNIX for Dummies Questions & Answers

how to set timeout for aix?

if a user login and never shutdown or exit...how do you set an automatic shutdown or timeout if the user leave the session on for 20 minutes? thanks

LEARN ABOUT HPUX

pam_dce

pam_dce(5)																pam_dce(5)

NAME

       pam_dce - authentication, account, and password management PAM functions for DCE

SYNOPSIS

       /usr/lib/security/libpam_dce.so.1

DESCRIPTION

       The  DCE  PAM  modules allow integration of DCE into the system entry services (such as login, telnet, rlogin, ftp) through the pam.conf(4)
       file.  The DCE service module for PAM consists of the following three modules: the authentication module, the  account  management  module,
       and  the  password management module.  All three modules are supported through the same loadable library, /usr/lib/security/libpam_dce.so.1
       is the interface that services the requests from These requests will be communicated to the DCE security server, which in  turn	sends  the
       response back to ilogind. This response is then sent back to /usr/lib/security/libpam_dce.so.1.

Authentication Module
       The  authentication  module certifies the identity of a user and the user's credentials.  It passes the authentication key derived from the
       user's password to the DCE Security Service.  The Security Service then uses the authentication key to certify the user and the user's cre-
       dentials.  The following options can be passed to the authentication module through the pam.conf(4) file:

	      debug	     Turn on syslog debugging at the LOG_DEBUG level.

	      nowarn	     Turn off warning messages about not being able to acquire DCE credentials.

	      use_first_pass Use  the initial password (entered when the user is authenticated to the first authentication module in the stack) to
			     authenticate with DCE.  If the user can not be authenticated or if this is the first  authentication  module  in  the
			     stack,  quit and do not prompt a password. It is recommended that this option be used only if the authentication mod-
			     ule is designated as optional in the pam.conf(4) configuration file.

	      try_first_pass Use the initial password (entered when the user is authenticated to the first authentication module in the PAM stack)
			     to  authenticate  with DCE.  If the user cannot be authenticated or if this is the first authentication module in the
			     stack, prompt for a password.

       A user must be authenticated and the user's credentials set before a system entry service can access any file directories owned by the user
       that are mounted through DTS.

Account Management Module
       The account management module provides a function to perform account management (pam_sm_acct_mgmt(3)).  sends a request to the
	DCE  implementation  of  pam_sm_acct_mgmt(3)  function which retrieves the user's account and password expiration information from the DCE
       Security Server and verifies that the user's account and password have not expired.  The following options can be  passed  to  the  account
       module through the pam.conf(4) file:

	      debug		  Turn on syslog debugging at the LOG_DEBUG level.

	      nowarn		  Turn off warning messages displayed when a user's account and/or password are going to expire.

       pam_sm_acct_mgmt(3) calls the function sec_login_inquire_net_info(3) to retrieve information about when a user's account and/or password is
       going to expire.

Password Management Module
       The password management module provides a function to change passwords (pam_sm_chauthtok(3)).  The following options can be passed  to  the
       password module through the pam.conf(4) file:

	      debug	     Turn on syslog debugging at the LOG_DEBUG level.

	      nowarn	     Turn off warning messages about not being able to change passwords.

	      try_first_pass Use  the  initial	password (entered to the first password module in the PAM stack) to authenticate with DCE.  If the
			     user cannot be authenticated or if this is the first password module in the stack, prompt for a password.

	      use_first_pass Use the initial password (entered to the first password module in the PAM stack) to authenticate with  DCE.  If  user
			     cannot  be authenticated or if this is the first password module in the stack, quit and do not prompt for a password.
			     It is recommended that this option be used only if  the  DCE  password  module  is  designated  as  optional  in  the
			     pam.conf(4) configuration file.

SEE ALSO

       pam(3),	  sec_login_setup_identity(3),	  sec_login_valid_and_cert_ident(3),	sec_login_set_context(3),   sec_login_inquire_net_info(3),
       pam.conf(4), pam_unix(5) ilogind(1m)

HP DCE
																	pam_dce(5)

AIX