Information required by support for authentication issues with a third party application
Please provide the following information about the application if known:
1) From where does the application currently obtain users?
Some examples: Uses NSS (LAM on AIX), local system users only (/etc/passwd), direct use of external repository (NIS / LDAP), internal to the application, other (explain).
2) What calls does the application use to obtain user/group information?
Some examples: getXXnam()/getXXYid/getXXent calls (and *_r variants), getprpwnam, getgroups, netgroup calls, (AIX) getuserattr/setauthdb/getgrset/etc, (HP Trusted Mode), other (explain).
3) How often are the above calls made during normal usage?
For example: Each connect (average 120 per hour) triggers 1 getgrent, 1 getgrgid per group a user is in, and 12 getpwnam calls.
4) How does the application handle authentication?
Some examples: Does not, implicit, crypt/compare, LAM, PAM, GSSAPI, Kerberos, other (explain).
5) Additional information that a new identity/authentication back-end would need to know.
For example: Is the application threaded? AD aware? Built statically? If using PAM, does it just call pam_authenticate, or does it also call pam_session and/or pam_account? Will it display custom PAM/LAM prompts? Other?