Setting password fallback

You can enable password fallback for PAM authentication so that if authentication fails, users can then log in with their Linux password. You should enable password fallback only for specific users in specific situations, and not as part of general user management.

About this task

To enable password fallback for one or more users, complete the following steps:

Procedure

  1. In the IBM® MFA GUI, click the User Provisioning tab.
  2. Click the Users icon.
    The users in the repository are listed.
  3. Select a user.
  4. Set Password Fallback to On to enable password fallback. Confirm the change.
  5. You must enable password fallback for the client, as described in , Editing the /etc/pam.d files on Red Hat Enterprise Linux for IBM Z and LinuxONE, or Editing the /etc/pam.d files on SUSE Linux Enterprise Server on IBM Z.