authconfig - Online Manual Page Of Unix/Linux

  Command: man perldoc info search(apropos)

WebSearch:
Our Recommended Sites: Full-Featured Editor
  
AUTHCONFIG(8)                                                                       AUTHCONFIG(8)



NAME
       authconfig - an interface for configuring system authentication resources

SYNOPSIS
       authconfig  [--back]  [--test] [--nostart] [--kickstart] [--probe] [--enablecache] [--dis-
       ablecache] [--enablenis [--nisdomain ] [--nisserver ]  ]
       [--disablenis]  [--enableshadow]  [--disableshadow]  [--enablemd5]  [--disablemd5] [--pas-
       salgo  ]  [--enableldap]  [--enableldapauth]  [--enableldaptls]   [--ldapserver
       ] [--ldapbasedn ] [--disableldap] [--disableldapauth]
       [--enablekrb5 [ --krb5realm  ] [--krb5kdc ]  [--krb5admin-
       server      ]      [--enablekrb5kdcdns]     [--disablekrb5kdcdns]
       [--enablekrb5realmdns] [--disablekrb5realmdns] ] [--disablekrb5]  [--enablehesiod  [--hes-
       iodlhs  ]  [--hesiodrhs  ] ] [--disablehesiod] [--enablesmbauth] [--smbworkgroup
       ]   [--smbservers   ]   [--disablesmbauth]    [--enablewinbind
       [--enablewinbindauth]   [--smbsecurity   ]   [--smbrealm  ]
       [--smbidmapuid=]  [--smbidmapgid=]  [--winbindseparator=<\>]  [--winbindtem-
       plateprimarygroup=]      [--winbindtemplatehomedir=]      [--winbindtem-
       plateshell=] ] [--disablewinbind] [--disablewinbindauth] [--enablewinbindusedefault-
       domain]  [--disablewinbindusedefaultdomain] [--winbindjoin ] [--enablewins] [--dis-
       ablewins]

DESCRIPTION
       authconfig provides a simple method of configuring /etc/sysconfig/network to  handle  NIS,
       as well as /etc/passwd and /etc/shadow, the files used for shadow password support.  Basic
       LDAP, Kerberos 5, and SMB (authentication) client configuration is also provided.

       The authconfig window contains a Cancel button by default. If --back is specified  at  run
       time, a Back button is presented instead. If --test is specified, authconfig can be run by
       users other then root, and any configuration changes are not saved. If --nostart is speci-
       fied (which is what the install program does), ypbind will not be started or stopped imme-
       diately following program execution, but only enabled to start or stop at  boot  time.  if
       --kickstart  is  specified,  no  interactive screens will be seen.  The values the program
       will use will be those specified by the other options (--enablemd5, --enableshadow, etc.).

       The  --enablenis,  --enableldap,  --enablewinbind,  and --enablehesiod options are used to
       configure user information services in /etc/nsswitch.conf,  the  --enablecache  option  is
       used to configure naming services caching, and the --enableshadow, --enablemd5, --enablel-
       dapauth, --enablekrb5, --enablewinbindauth, and --enablesmbauth options are used  to  con-
       figure  authentication functions via /etc/pam.d/system-auth.  Each --enable has a matching
       --disable option that disables the service if it is already enabled. The  respective  ser-
       vices have parameters which configure their server names etc.

       The  algorithm  used  for  storing  new password hashes can be specified by the --passalgo
       option which takes one  of  the  following  possible  values  as  a  parameter:  descrypt,
       bigcrypt, md5, sha256, and sha512.

       The --probe flag instructs authconfig to use DNS and other means to guess at configuration
       information for the current host, print its guesses if it finds them to  standard  output,
       and exit.

       The  default  in kickstart mode (i.e. without any additional options) is to not change the
       current settings.


RETURN CODES
       authconfig returns 0 on success, 2 on error, and 1 if the user cancelled the  program  (by
       using either the Cancel or Back button).


FILES
       /etc/sysconfig/authconfig
              Used  to  track  whether  or  not  particular  authentication mechanisms are
              enabled.  Currently includes variables named USESHADOW, USEMD5, USEKERBEROS,
              USELDAPAUTH,  USESMBAUTH,  USEWINBIND,  USEWINBINDAUTH,  USEHESIOD,  USENIS,
              USELDAP.
       /etc/passwd,
              Used for shadow password support.
       /etc/yp.conf
              Configuration file for NIS support.
       /etc/sysconfig/network
              Another configuration file for NIS support.
       /etc/ldap.conf
              /etc/openldap/ldap.conf Used to configure LDAP (and OpenLDAP, respectively).
       /etc/krb5.conf
              Used to configure Kerberos 5.
       /etc/krb.conf
              Used to configure Kerberos IV (write-only).
       /etc/hesiod.conf
              Used to configure Hesiod.
       /etc/pam_smb.conf
              Used to configure SMB authentication.
       /etc/samba/smb.conf
              Used to configure winbind authentication.
       /etc/nsswitch.conf
              Used to configure user information services.
       /etc/pam.d/system-auth
              Used to configure PAM for system services via pam_stack(8).


SEE ALSO
       passwd(5),   shadow(5),   pwconv(1),  domainname(1),  ypbind(8),  nsswitch.conf(5),
       smb.conf(5)


AUTHORS
       Nalin Dahyabhai <>, Preston Brown <>, Matt Wilson <>



4th Berkeley Distribution                6 February 2004                            AUTHCONFIG(8)