Question:
AIX servers use LAM (Loadable Authentication Module) by default. Centrify DirectAuthorize requies applications to be PAM-enabled on AIX 6.x. Is there any configuration needed on AIX to use PAM (Pluggable Authentication Module) instead?
Answer:
Centrify supports both PAM and LAM authentication however PAM authentication has to be enabled in AIX 6.1. Please follow these steps:
a) Login as root on the AIX server in question.
b) Navigate to /etc/security/ folder.
c) Edit the login.cfg file and change auth_type to PAM_AUTH. The default is STD_AUTH.
auth_type = PAM_AUTH
- PAM_AUTH
- Use PAM to authenticate users via the /etc/pam.conf file
- STD_AUTH
- Use an application's standard means of user authentication. This is the default value.
d) Once the AIX system is configured to use PAM, DirectAuthorize PAM Access rights can be applied to AIX systems.
For version AIX 5.3, you can refer to the below link. If you need more information on login.cfg, please refer to the 2nd link:
Centrify Corporation does not take any responsibility for the content or availability of this link and it was provided as a courtesy. Customers should contact the vendor if there are any further questions