Hej Hej Peter!
To configure AIX (version 4 and later) to authenticate users
to using AFS you need to:
a) Ensure the root stanza in /etc/security/user has
_local_ authentication defined. Do this by having
the following attributes in root stanza:
SYSTEM = "compat"
registry = files
b) Add the following stanza to /etc/security/login.cfg
AFS:
program = /usr/vice/etc/afs_dynamic_auth
retry = 3
timeout = 30
retry_delay = 10
c) In /etc/security/user, EITHER:
b1) Set the default authentication method to AFS.
Do this by adding the following two attributes
"default:" stanza:
SYSTEM = "AFS OR AFS [UNAVAIL] AND compat [SUCCESS]"
registry = AFS
OR:
b2) For each AFS user, add the two attributes to each
AFS user's stanza:
SYSTEM = "AFS OR AFS [UNAVAIL] AND compat [SUCCESS]"
registry = AFS
d) Add an entry to /etc/passwd for the user. Typically, with the
password field set to "X". For example:
bender:X:4719:1:Bender (unit 22):/afs/@cell/u/bender:/bin/ksh
Incidentally, all of this processing (except step "d") is done by
"afs_install" scripts which you can find at:
http://www.angelfire.com/hi/plutonic/afs_install.html
or /afs/transarc.com/public/afs-contrib/tools/afs_install
The only bit afs_install does not do is add entries to /etc/passwd
because /etc/passwd contents are a local decision.
So, to achieve your goal, you could use "afs_install" to
establish AFS authentication and then use Tivioli to
configure the contents of /etc/passwd.
I hope this helps!
--
cheers
paul http://acm.org/~mpb
>Hi all,
>
>Our Tivoli team needs to be able to run the Tivoli GUI (of which I know
>zilch) against an AIX machine. I can set each user up so that they have
>local passwords on the machine, but I wan't them to authenticate against
>AFS. How is this done? Is it something I can do on the OS level or is it
>something in Tivoli's configuration?
>
>Any help whatsoever is welcome,
>/Peter
>--
>Peter Strvmberg, e-mail: [EMAIL PROTECTED]
>WM-Data Scania, Jdrnagatan 41-49, 15127 Svdertdlje
>Tel: 0855383853, Fax: 0855381040
