authconfig



AUTHCONFIG(8)                                                    AUTHCONFIG(8)




NAME

       authconfig   -  an  interface  for  configuring  system  authentication
       resources


SYNOPSIS

       authconfig  [--back]  [--test]  [--nostart]   [--kickstart]   [--probe]
       [--enablecache]  [--disablecache]  [--enablenis  [--nisdomain <domain>]
       [--nisserver <nisserver[,nisserver...]>]  ]  [--disablenis]  [--enable-
       shadow]  [--disableshadow] [--enablemd5] ] [--disablemd5] ] [--enablel-
       dap]      [--enableldapauth]      [--enableldaptls]       [--ldapserver
       <ldapserver[,ldapserver,...]>]  [--ldapbasedn <basedn>] [--disableldap]
       [--disableldapauth] [--enablekrb5 [ --krb5realm  <realm>  ]  [--krb5kdc
       <hostname[,hostname,...]>]      [--krb5adminserver     <hostname[,host-
       name,...]>]         [--enablekrb5kdcdns]          [--disablekrb5kdcdns]
       [--enablekrb5realmdns]    [--disablekrb5realmdns]   ]   [--disablekrb5]
       [--enablehesiod [--hesiodlhs <lhs>] [--hesiodrhs <rhs>] ] [--disablehe-
       siod]   [--enablesmbauth]  [--smbworkgroup  <workgroup>]  [--smbservers
       <server[,server]>]  [--disablesmbauth]  [--enablewinbind  [--enablewin-
       bindauth] [--smbsecurity <user|server|domain|ads>] [--smbrealm <realm>]
       [--smbidmapuid=<range>]    [--smbidmapgid=<range>]    [--winbindsepara-
       tor=<\>]   [--winbindtemplateprimarygroup=<group>]  [--winbindtemplate-
       homedir=<directory>] [--winbindtemplateshell=<path>]  ]  [--disablewin-
       bind]  [--disablewinbindauth] [--enablewinbindusedefaultdomain] [--dis-
       ablewinbindusedefaultdomain]  [--winbindjoin  <admin>]   [--enablewins]
       [--disablewins]


DESCRIPTION

       authconfig  provides a simple method of configuring /etc/sysconfig/net-
       work to handle NIS, as well as /etc/passwd and /etc/shadow,  the  files
       used  for  shadow  password  support.   Basic LDAP, Kerberos 5, and SMB
       (authentication) client configuration is also provided.

       The authconfig window contains a Cancel button by default. If --back is
       specified at run time, a Back button is presented instead. If --test is
       specified, authconfig can be run by users other then root, and any con-
       figuration  changes  are not saved. If --nostart is specified (which is
       what the install program does), ypbind will not be started  or  stopped
       immediately  following  program execution, but only enabled to start or
       stop at boot time. if --kickstart is specified, no interactive  screens
       will  be seen.  The values the program will use will be those specified
       by the other options (--enablemd5, --enableshadow, etc.).

       The  --enablenis,  --enableldap,  --enablewinbind,  and  --enablehesiod
       options  are  used  to configure user information services in /etc/nss-
       witch.conf, the --enablecache option is used to configure  naming  ser-
       vices  caching,  and the --enableshadow, --enablemd5, --enableldapauth,
       --enablekrb5, --enablewinbindauth, and --enablesmbauth options are used
       to configure authentication functions via /etc/pam.d/system-auth.  Each
       --enable has a matching --disable option that disables the  service  if
       it  is  already  enabled. The respective services have parameters which
       configure their server names etc.

       The --probe flag instructs authconfig to use DNS  and  other  means  to
       guess  at  configuration  information  for  the current host, print its
       guesses if it finds them to standard output, and exit.

       The default in kickstart mode (i.e. without any additional options)  is
       to not change the current settings.



RETURN CODES

       authconfig  returns  0  on  success, 2 on error, and 1 if the user can-
       celled the program (by using either the Cancel or Back button).



FILES

       /etc/sysconfig/authconfig
              Used to track whether or  not  particular  authentication
              mechanisms  are  enabled.   Currently  includes variables
              named USESHADOW, USEMD5, USEKERBEROS, USELDAPAUTH, USESM-
              BAUTH,  USEWINBIND,  USEWINBINDAUTH,  USEHESIOD,  USENIS,
              USELDAP.
       /etc/passwd,
              Used for shadow password support.
       /etc/yp.conf
              Configuration file for NIS support.
       /etc/sysconfig/network
              Another configuration file for NIS support.
       /etc/ldap.conf
              /etc/openldap/ldap.conf  Used  to  configure  LDAP   (and
              OpenLDAP, respectively).
       /etc/krb5.conf
              Used to configure Kerberos 5.
       /etc/krb.conf
              Used to configure Kerberos IV (write-only).
       /etc/hesiod.conf
              Used to configure Hesiod.
       /etc/pam_smb.conf
              Used to configure SMB authentication.
       /etc/samba/smb.conf
              Used to configure winbind authentication.
       /etc/nsswitch.conf
              Used to configure user information services.
       /etc/pam.d/system-auth
              Used   to   configure   PAM   for   system  services  via
              pam_stack(8).



SEE ALSO

       passwd(5), shadow(5), pwconv(1), domainname(1), ypbind(8),  nss-
       witch.conf(5), smb.conf(5)



AUTHORS

       Nalin Dahyabhai <nalin@redhat.com>, Preston Brown <pbrown@redhat.com>, Matt Wilson <msw@redhat.com>



4th Berkeley Distribution       6 February 2004                  AUTHCONFIG(8)

Man(1) output converted with man2html