Follow theses steps to bypass PAM authentication, enabling all user authentication
requests from PAM clients to succeed. Be aware that this configuration is not secure; bypass PAM
authentication only if it is reasonable for your environment and users.
Procedure
-
In the pamauth.conf file, set
SEC_PAM_BYPASS=Y
to bypass
PAM authentication.
-
Restart EGO services and the management hosts:
-
Log on to the primary
host as the cluster administrator.
-
Run the following commands to stop EGO services:
-
Log on to the management hosts as the cluster administrator and restart the hosts:
Once PAM authentication is bypassed, when the client is a PAM client (using
sec_ego_ext_co
), all PAM users can
pass authentication.
For example, where user
wronguser
is neither a PAM user nor
an EGO user with the password
pass
, the following login is successful when PAM
authentication is bypassed:
# egosh user logon –u wronguser–x pass
# soamlogon –u wronguser –u pass
This user, however, cannot run IBM® Spectrum Symphony
applications because the user is not assigned a role.