Novell Identity Manager Driver - Linux and UNIX - Fan
Users are failing to login to AIX boxes where the Identity
Manager Fan-out driver is installed with the redirected
authentication. This failure happens when using SU or
Telnet. Logging in with SSH and FTP work fine. This
happens when using DCE and not PAM for authenticating.
This is normally a configuration problem.
The DCE stanza in /usr/lib/security/methods.cfg should look
program = /usr/lib/security/DCE
options = db=BUILTIN
Also, the registry line may be missing from the
/etc/security/user default stanza:
SYSTEM="DCE OR DCE[UNAVAIL] AND compat"
registry = DCE
The Fan-out driver DCE module is a "compound" module.
The line in methods.cfg about " options = db=BUILTIN " causes the
DCE module to get user information from the local UNIX host, not
The driver was designed and tested
with registry=DCE, and since DCE uses the local host to
resolve everything about a user other than authentication, that is
often the safest way to run it.