DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 
Administering port services

Authentication schemes and user IDs

pmadm(1M) can be used to modify or remove authentication schemes (specified with -S "scheme"), and user IDs (specified with -i id).

For a given service, there may be non-null entries in either of these fields, in both fields, or in neither. Since authentication schemes can provide a user ID, it is important to understand when the user ID determined by the authentication scheme is used, versus when the user ID specified in the id field is used. The following table describes the four possible cases:

Scheme ID Description
Specified Null Authentication is performed by the port monitor using the specified scheme. If authentication succeeds, the service is started with the ID determined by the scheme. If authentication fails, the service is not started.
Null Specified No authentication is performed by the port monitor. The service is started with the ID specified in the ``ID'' field.
Specified Specified The port monitor invokes the specified authentication scheme. If authentication succeeds, the service is started with the ID from the ``ID'' field. If authentication fails, the service is not started.
Null Null This is an error. The service will not start.

When used with the -c option, the -S and -i options to pmadm manipulate the contents of the ``SCHEME'' and ``ID'' fields in the port monitor administrative file.

If either ``SCHEME'' or ``ID'' is null, the corresponding field will be empty and the authentication scheme or user ID will be effectively removed from the service line in the file.


© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004