APAR status
Closed as new function.
Error description
*************************** APAR Template ***************************** Please open an apar with the following severity and information: Severity: 4 Approver: RL Enter the L2 engineer who did the recreate or "None": L2 engineer: None Compid: 5724C04MS Tivoli Enterprise Management Server Abstract: AIX PAM support Environment: AIX 7.X ITM 630 FP7 Do you think the latest patch applied is involved? No Problem Description: Enhancement to IBM Tivoli Monitoring Server to support Pluggable Authententication Module (PAM) on AIX. Detailed Recreation Procedure: Currently the IBM Tivoli Monitoring Server does not use PAM for user authentication on AIX. So altering the contents of the /etc/security/login.cfg file for auth_type from STD_AUTH to PAM_AUTH does not impact the authentication of tacmd users. LAM, the default, authentication for AIX is still used. Related Files and Output: ************************ End of APAR Template *************************
Local fix
Problem summary
Enable AIX PAM support for the TEMS
Problem conclusion
If PAM is enabled on AIX, allow the TEMS to use its services if the TEMS' configuration file environment variable KDS_VALIDATE_EXT is present. Additionally, independent of the TEMS' configuration setting of KDS_VALIDATE_EXT , the TEMS will now enforce the Operating System's user policy regarding repeated failed login requests. Note: Before enabling ITM to use PAM authentication it is recommended that you leave an additional login window open with root access until you verify that ITM with PAM authentication is working properly. If PAM is not configured correctly you will not be able to log into the machine to correct the configuration problem until you boot the machine into maintenance mode and change /etc/security/login.cfg back to its original state. The fix for this APAR is contained in the following maintenance packages: | service pack | 6.3.0.7-TIV-ITM-SP0013
Temporary fix
N/A
Comments
APAR Information
APAR number
IJ40842
Reported component name
TEMS
Reported component ID
5724C04MS
Reported release
630
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-06-24
Closed date
2022-10-04
Last modified date
2022-10-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TEMS
Fixed component ID
5724C04MS
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"630","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
08 March 2023