[Freeipa-users] pam su configuration to ignore certain ipa/ldap users

2012-08-07 Thread KodaK
I have an unusual situation. Our DBAs want different passwords for the oracle account on production and development machines. I'm using local authentication for oracle on all the boxes, but they're also not allowed to log in directly as oracle, only su, but su always wants to go to ldap first.

Re: [Freeipa-users] pam su configuration to ignore certain ipa/ldap users

2012-08-07 Thread KodaK
I've figured this out on AIX. If anyone googles this later: in /etc/security/user the default: stanza needs to have:

    system = compat or KRB5ALXAP or LDAP

instead of:

    SYSTEM = KRB5ALXAP or LDAP or compat

It could probably be done other ways (using PAM), but this was easiest for now.

On Tue,