| | | | A1: | dn: mountpoint=/data, ou=Mounts, ou=NIS, o=hp.com OR dn: cn=/data, ou=Mounts, ou=NIS, o=hp.com | | | | | A2: | The default write permissions are not suitable because users could change attributes such as uid and gid to circumvent standard UNIX security measure, e.g., set uid=0. | | | | | A3: | /etc/pam.conf and /etc/nsswitch.conf . | | | | | A4: | Enumeration requests are directory requests that request all entries from a database, e.g., all users or all groups. Enumeration requests could reduce network and server performance because a search of many entries is required, which could consume a large amount of server CPU and memory, before being passed back to the requester, which could consume large amounts of network bandwidth. | | | | | A5: | We could use the HP-UX Shadow Password downloadable product that will give us a /etc/passwd file with an asterisk (*) in the password field and have a matching /etc/shadow file that contains our encrypted UNIX passwords. The HP-UX Shadow Password product and LDAP can coexist, while LDAP and HP-UX Trusted Systems cannot coexist. | | |