authconfig
AUTHCONFIG(8) AUTHCONFIG(8)
NAME
authconfig - an interface for configuring system authentication
resources
SYNOPSIS
authconfig [--back] [--test] [--nostart] [--kickstart] [--probe]
[--enablecache] [--disablecache] [--enablenis [--nisdomain <domain>]
[--nisserver <nisserver[,nisserver...]>] ] [--disablenis] [--enable-
shadow] [--disableshadow] [--enablemd5] ] [--disablemd5] ] [--enablel-
dap [--enableldapauth] [--enableldapssl] [--ldapserver <ldapserver>]
[--ldapbasedn <basedn>] ] [--disableldap] [--disableldapauth]
[--enablekrb5 [ --krb5realm <realm> ] [--krb5kdc <hostname[,host-
name,...]>] [--disablekrb5] [--krb5adminserver <hostname[,host-
name,...]>] ] [--enablehesiod [--hesiodlhs <lhs>] [--hesiodrhs <rhs>] ]
[--disablehesiod] [--enablesmb [--smbworkgroup <workgroup>] [--smb-
servers <server[,server]>]]
DESCRIPTION
authconfig provides a simple method of configuring /etc/sysconfig/net-
work to handle NIS, as well as /etc/passwd and /etc/shadow, the files
used for shadow password support. Basic LDAP, Kerberos 5, and SMB
(authentication) client configuration is also provided.
The authconfig window contains a Cancel button by default. If --back is
specified at run time, a Back button is presented instead. If --test is
specified, authconfig can be run by users other then root, and any con-
figuration changes are not saved. If --nostart is specified (which is
what the install program does), ypbind will not be started or stopped
immediately following program execution, but only enabled to start or
stop at boot time. if --kickstart is specified, no interactive screens
will be seen. The values the program will use will be those specified
by the other options (--enablemd5, --usehadow, etc.).
The --enablenis, --enableldap, and --enablehesiod options are used to
configure user information services in /etc/nsswitch.conf, the
--enablecache option is used to configure naming services caching, and
the --enableshadow, --enablemd5, --enableldapauth, --enablekrb5 and
--enablesmb options are used to configure authentication functions via
/etc/pam.d/system-auth. Each --enable has a matching --disable option
that disables the service if it is already enabled.
The --probe flag instructs authconfig to use DNS and other means to
guess at configuration information for the current host, print its
guesses to standard output, and exit.
The default in kickstart mode (i.e. without any additional options) is
to not change the current settings.
RETURN CODES
authconfig returns 0 on success, 2 on error, and 1 if the user can-
celled the program (by using either the Cancel or Back button).
FILES
/etc/sysconfig/authconfig
Used to track whether or not particular authentication
mechanisms are enabled. Currently includes variables
named USESHADOW, USEMD5, USEKERBEROS, USELDAPAUTH, USESM-
BAUTH, USEHESIOD, USENIS, USELDAP.
/etc/passwd,
Used for shadow password support.
/etc/yp.conf
Configuration file for NIS support.
/etc/sysconfig/network
Another configuration file for NIS support.
/etc/ldap.conf
/etc/openldap/ldap.conf Used to configure LDAP (and
OpenLDAP, respectively).
/etc/krb5.conf
Used to configure Kerberos 5.
/etc/krb.conf
Used to configure Kerberos IV (write-only).
/etc/hesiod.conf
Used to configure Hesiod.
/etc/pam_smb.conf
Used to configure SMB authentication.
/etc/nsswitch.conf
Used to configure user information services.
/etc/pam.d/system-auth
Used to configure PAM for system services via
pam_stack(8).
SEE ALSO
passwd(5), shadow(5), pwconv(1), domainname(1),
ypbind(8), nsswitch.conf(5)
AUTHORS
Nalin Dahyabhai <nalin@redhat.com>, Preston Brown <pbrown@redhat.com>, Matt Wilson <msw@redhat.com>
4th Berkeley Distribution Mon 30 July 2001 AUTHCONFIG(8)
