User and Group attributes supported by the Authentication Load Modules
A set of user-related and group-related attributes are used to achieve identification and authentication in AIX®.
The following tables list most of these user and group attributes
as a list and also indicate the support from the various load modules
for these attributes. Each row of the table corresponds to an attribute
and each column represents a load module. Attributes supported by
a load module are indicated with a Yes in the load module column.
Note: PKI and Kerberos are authentication-only modules and must be combined
with a database model (such as LOCAL or LDAP). They support certain
additional (extended) attributes other than those provided by LOCAL
or LDAP. Markings are shown against only these extended attributes
for these modules, even though other attributes could be functionally
achieved using LOCAL or LDAP.
| User attribute | Local | NIS/NIS+ | LDAP | PKI | Kerberos |
|---|---|---|---|---|---|
| account_locked | Yes | No | Yes | No | No |
| admgroups | Yes | No | Yes | No | No |
| admin | Yes | No | Yes | No | No |
| auditclasses | Yes | No | Yes | No | No |
| auth_cert | No | No | No | Yes | No |
| auth_domain | Yes | No | Yes | No | No |
| auth_name | Yes | No | Yes | No | No |
| auth1 Note: The auth1 attribute is deprecated
and should not be used.
|
Yes | No | Yes | No | No |
| auth2 Note: The auth2 attribute is deprecated
and should not be used.
|
Yes | No | Yes | No | No |
| capabilities | Yes | No | Yes | No | No |
| core | Yes | No | Yes | No | No |
| core_compress | Yes | No | No | No | No |
| core_hard | Yes | No | Yes | No | No |
| core_naming | Yes | No | No | No | No |
| core_path | Yes | No | No | No | No |
| core_pathname | Yes | No | No | No | No |
| cpu | Yes | No | Yes | No | No |
| daemon | Yes | No | Yes | No | No |
| data | Yes | No | Yes | No | No |
| data_hard | Yes | No | Yes | No | No |
| dce_export | Yes | No | Yes | No | No |
| dictionlist | Yes | No | Yes | No | No |
| expires | Yes | No | Yes | No | Yes |
| flags | Yes | No | Yes | No | Yes |
| fsize | Yes | No | Yes | No | No |
| fsize_hard | Yes | No | Yes | No | No |
| funcmode | Yes | No | Yes | No | No |
| gecos | Yes | Yes | Yes | No | No |
| groups | Yes | Yes | Yes | No | No |
| groupsids | Yes | Yes | Yes | No | No |
| histexpire | Yes | No | Yes | No | No |
| home | Yes | Yes | Yes | No | No |
| host_last_login | Yes | No | Yes | No | No |
| host_last_unsuccessful_login | Yes | Yes | Yes | No | No |
| hostsallowedlogin | Yes | No | Yes | No | No |
| hostsdeniedlogin | Yes | No | Yes | No | No |
| id | Yes | Yes | Yes | No | No |
| krb5_attributes | No | No | No | No | Yes |
| krb5_kvno | No | No | No | No | Yes |
| krb5_last_pwd_change | No | No | No | No | Yes |
| krb5_max_renewable_life | No | No | No | No | Yes |
| krb5_mknvo | No | No | No | No | Yes |
| krb5_mod_date | No | No | No | No | Yes |
| krb5_mod_name | No | No | No | No | Yes |
| krb5_names | No | No | No | No | Yes |
| krb5_principal | No | No | No | No | Yes |
| krb5_principal_name | No | No | No | No | Yes |
| krb5_realm | No | No | No | No | Yes |
| lastupdate | Yes | Yes | Yes | No | No |
| login | Yes | No | Yes | No | No |
| loginretries | Yes | No | Yes | No | No |
| logintimes | Yes | No | Yes | No | No |
| maxage | Yes | Yes | Yes | No | Yes |
| maxexpired | Yes | Yes | Yes | No | No |
| maxrepeats | Yes | No | Yes | No | No |
| maxulogs | Yes | No | Yes | No | No |
| minage | Yes | Yes | Yes | No | No |
| minalpha | Yes | No | Yes | No | No |
| mindiff | Yes | No | Yes | No | No |
| mindigit | Yes | No | Yes | No | No |
| minlen | Yes | No | Yes | No | No |
| minloweralpha | Yes | No | Yes | No | No |
| minother | Yes | No | Yes | No | No |
| minspecialchar | Yes | No | Yes | No | No |
| minupperalpha | Yes | No | Yes | No | No |
| nofiles | Yes | No | Yes | No | No |
| nofiles_hard | Yes | No | Yes | No | No |
| password | Yes | Yes | Yes | No | No |
| pgid | Yes | Yes | No | No | No |
| pgrp | Yes | Yes | Yes | No | No |
| projects | Yes | No | Yes | No | No |
| pwdchecks | Yes | No | Yes | No | No |
| pwdwarntime | Yes | No | Yes | No | No |
| rcmds | Yes | No | Yes | No | No |
| registry | Yes | No | No | No | No |
| rlogin | Yes | No | Yes | No | No |
| roles | Yes | No | Yes | No | No |
| rss | Yes | No | Yes | No | No |
| rss_hard | Yes | No | Yes | No | No |
| screens | Yes | No | Yes | No | No |
| shell | Yes | Yes | Yes | No | No |
| spassword | Yes | Yes | Yes | No | No |
| stack | Yes | No | Yes | No | No |
| stack_hard | Yes | No | Yes | No | No |
| su | Yes | No | Yes | No | No |
| sugroups | Yes | No | Yes | No | No |
| sysenv | Yes | No | Yes | No | No |
| SYSTEM | Yes | No | No | No | No |
| time_last_login | Yes | No | Yes | No | No |
| time_last_unsuccessful_login | Yes | No | Yes | No | No |
| tpath | Yes | No | Yes | No | No |
| tty_last_login | Yes | No | Yes | No | No |
| tty_last_unsuccessful_login | Yes | No | Yes | No | No |
| ttys | Yes | No | Yes | No | No |
| umask | Yes | No | Yes | No | No |
| unsuccessful_login_count | Yes | No | Yes | No | No |
| unsuccessful_login_times | Yes | No | Yes | No | No |
| usrenv | Yes | No | Yes | No | No |
| User attribute | Local | NIS/NIS+ | LDAP | PKI | Kerberos |
|---|---|---|---|---|---|
| admin | Yes | No | Yes | No | No |
| adms | Yes | No | Yes | No | No |
| dce_export | Yes | No | Yes | No | No |
| id | Yes | Yes | Yes | No | No |
| primary | Yes | No | Yes | No | No |
| projects | Yes | No | Yes | No | No |
| screens | Yes | No | Yes | No | No |
| users | Yes | Yes | Yes | No | No |