Go to main content

Managing Kerberos and Other Authentication Services in Oracle® Solaris 11.3

Exit Print View

Updated: May 2019
 
 

Configuring PAM

You can use PAM as is. This section gives examples of PAM configurations that are not in effect by default.

Table 1  PAM Task Map
Task
Description
For Instructions
Plan for your PAM installation.
Covers how to plan customizing PAM for your site.
Ensure that console login is restricted.
Limits console logins to specified users and netgroups.
Limit administrative access to an immutable zone.
Limits who can log in from the console to immutable zones.
Assign a new PAM policy to a user.
Customizes per-user authentication requirements for multiple services.
Create users with encrypted home directories.
Modifies a PAM stack to enable the creation of encrypted home directories.
Add new PAM modules.
Explains how to install and test customized PAM modules.
Assign a non-default PAM policy to users.
Shows how to add a PAM policy to a rights profile for assignment to a range of users at sites that use Kerberos, LDAP, or a combination of logins.
Assign a non-default PAM policy to users.
Distributes customized PAM stacks to all systems.
Initiate error logging.
Logs PAM error messages through syslog.
Troubleshoot PAM errors.
Provides steps to locate, solve, and test PAM misconfigurations.