The Authentication Configuration Tool can also be run as a command line tool with no interface. The command line version can be used in a configuration script or a kickstart script. The authentication options are summarized in Table 26.1, “Command Line Options”.
These options can also be found in the authconfig man page or by typing authconfig --help at a shell prompt.
| Option | Description |
|---|---|
--enableshadow
|
Enable shadow passwords |
--disableshadow
|
Disable shadow passwords |
--enablemd5
|
Enable MD5 passwords |
--disablemd5
|
Disable MD5 passwords |
--enablenis
|
Enable NIS |
--disablenis
|
Disable NIS |
--nisdomain=
|
Specify NIS domain |
--nisserver=
|
Specify NIS server |
--enableldap
|
Enable LDAP for user information |
--disableldap
|
Disable LDAP for user information |
--enableldaptls
|
Enable use of TLS with LDAP |
--disableldaptls
|
Disable use of TLS with LDAP |
--enableldapauth
|
Enable LDAP for authentication |
--disableldapauth
|
Disable LDAP for authentication |
--ldapserver=
|
Specify LDAP server |
--ldapbasedn=
|
Specify LDAP base DN |
--enablekrb5
|
Enable Kerberos |
--disablekrb5
|
Disable Kerberos |
--krb5kdc=
|
Specify Kerberos KDC |
--krb5adminserver=
|
Specify Kerberos administration server |
--krb5realm=
|
Specify Kerberos realm |
--enablekrb5kdcdns
|
Enable use of DNS to find Kerberos KDCs |
--disablekrb5kdcdns
|
Disable use of DNS to find Kerberos KDCs |
--enablekrb5realmdns
|
Enable use of DNS to find Kerberos realms |
--disablekrb5realmdns
|
Disable use of DNS to find Kerberos realms |
--enablesmbauth
|
Enable SMB |
--disablesmbauth
|
Disable SMB |
--smbworkgroup=
|
Specify SMB workgroup |
--smbservers=
|
Specify SMB servers |
--enablewinbind
|
Enable winbind for user information by default |
--disablewinbind
|
Disable winbind for user information by default |
--enablewinbindauth
|
Enable winbindauth for authentication by default |
--disablewinbindauth
|
Disable winbindauth for authentication by default |
--smbsecurity=
|
Security mode to use for Samba and winbind |
--smbrealm=
|
Default realm for Samba and winbind when security=ads
|
--smbidmapuid=
|
UID range winbind assigns to domain or ADS users |
--smbidmapgid=
|
GID range winbind assigns to domain or ADS users |
--winbindseparator=
|
Character used to separate the domain and user part of winbind usernames if winbindusedefaultdomain is not enabled
|
--winbindtemplatehomedir=
|
Directory that winbind users have as their home |
--winbindtemplateprimarygroup=
|
Group that winbind users have as their primary group |
--winbindtemplateshell=
|
Shell that winbind users have as their default login shell |
--enablewinbindusedefaultdomain
|
Configures winbind to assume that users with no domain in their usernames are domain users |
--disablewinbindusedefaultdomain
|
Configures winbind to assume that users with no domain in their usernames are not domain users |
--winbindjoin=
|
Joins the winbind domain or ADS realm now as this administrator |
--enablewins
|
Enable WINS for hostname resolution |
--disablewins
|
Disable WINS for hostname resolution |
--enablehesiod
|
Enable Hesiod |
--disablehesiod
|
Disable Hesiod |
--hesiodlhs=
|
Specify Hesiod LHS |
--hesiodrhs=
|
Specify Hesiod RHS |
--enablecache
|
Enable nscd
|
--disablecache
|
Disable nscd
|
--nostart
|
Do not start or stop the portmap, ypbind, or nscd services even if they are configured
|
--kickstart
|
Do not display the user interface |
--probe
|
Probe and display network defaults |