'RE: CXX-DEV: How to integrate nss and pam modules with Trusted'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       hpux-cxx-dev
Subject:    RE: CXX-DEV: How to integrate nss and pam modules with Trusted
From:       "Streiber, Mario" <mario.streiber () hp ! com>
Date:       2005-04-06 7:02:02
Message-ID: 36D5481F2DE59046A6F8E0DACF4568560163E7FD () bbnexc03 ! emea ! cpqcorp ! net
[Download RAW message or body]

You really should post this to HPUX-DEVTOOLS.

> -----Original Message-----
> From: owner-cxx-dev@cxx.cup.hp.com
> [mailto:owner-cxx-dev@cxx.cup.hp.com] On Behalf Of
> mohyen.liew@wesoft.com
> Sent: Mittwoch, 6. April 2005 09:00
> To: cxx-dev@cxx.cup.hp.com
> Subject: CXX-DEV: How to integrate nss and pam modules with
> Trusted Mode
>
>
> We are currently working on an identity Management system (runs on
> Unix/Linux) that allows AD domain users to login to
> Unix/Linux machines
> with the username/password  in AD. Currently, this system is
> running well
> on various versions of HP-UX , which are 11.23, 11.22, 11.11
> and 11.00, in
> standard mode.
>
> In order to enable AD domain users to login to the Unix/Linux
> machine, we
> have written our own pam
> and nss modules to talk to AD for authenticating  these
> domain users and
> retrieving their user/group information.At this stage, our system is
> working well with non-trusted system (i.e. standard mode) of
> HPUX . And,
> we are now going to support trusted system as well.
>
> We tried to run our identity Management system on a trusted
> system, the
> result was that all AD users failed to login to the trusted
> system, even
> though our log file indicated that the authentication to AD
> succeeded.
>
> According to HP documentation, there are "Trusted Mode APIs"
> availble,
> which are getprpwent, getprpwuid, getprpwnam, putprpwnam ....
> etc, that
> allow you to manipulate the protected password database.
>
> I tried to add an AD User entry to the protected password
> database using
> putprpwnam(), however, this function failed to add the entry.
>
> The question is what function should we create or use in our NSS/PAM
> modules in order to allow the AD user to login to the Trusted
> Mode HP UX ?
>
> Do we need to implement the _nss_mod_getprpwent, _nss_mod_getprpwuid,
> _nss_mod_getprpwnam, _nss_mod_putprpwnam ... etc functions in our nss
> modules ?
>
> According to to this http://docs.hp.com/en/J4269-90041/ch04s02.html,
> LDAPUX client services indeed support HPUX trusted mode.
> Wondering where can I download the source of  LDAPUX client
> services as an
> exmaple on how to integrate NSS/PAM with HPUX trusted mode ?
>
> Thanks in advnace.
>
> Regards,
> Yen
>  _________________________________________________________________
>  To leave this mailing list, send mail to majordomo@cxx.cup.hp.com
>     with the message UNSUBSCRIBE cxx-dev
>  _________________________________________________________________
>
 _________________________________________________________________
 To leave this mailing list, send mail to majordomo@cxx.cup.hp.com
    with the message UNSUBSCRIBE cxx-dev
 _________________________________________________________________
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic