Command Line Version
The Authentication Configuration Tool can also be run as a command line tool with no interface. The command line version can be used in a configuration script or a kickstart script. The authentication options are summarized in Table 27.1, "Command Line Options".
These options can also be found in the authconfig man page or by typing authconfig --help at a shell prompt.
Table 27.1. Command Line Options
| Option | Description |
|---|---|
--enableshadow
| Enable shadow passwords |
--disableshadow
| Disable shadow passwords |
--enablemd5
| Enable MD5 passwords |
--disablemd5
| Disable MD5 passwords |
--enablenis
| Enable NIS |
--disablenis
| Disable NIS |
--nisdomain=
| Specify NIS domain |
--nisserver=
| Specify NIS server |
--enableldap
| Enable LDAP for user information |
--disableldap
| Disable LDAP for user information |
--enableldaptls
| Enable use of TLS with LDAP |
--disableldaptls
| Disable use of TLS with LDAP |
--enableldapauth
| Enable LDAP for authentication |
--disableldapauth
| Disable LDAP for authentication |
--ldapserver=
| Specify LDAP server |
--ldapbasedn=
| Specify LDAP base DN |
--enablekrb5
| Enable Kerberos |
--disablekrb5
| Disable Kerberos |
--krb5kdc=
| Specify Kerberos KDC |
--krb5adminserver=
| Specify Kerberos administration server |
--krb5realm=
| Specify Kerberos realm |
--enablekrb5kdcdns
| Enable use of DNS to find Kerberos KDCs |
--disablekrb5kdcdns
| Disable use of DNS to find Kerberos KDCs |
--enablekrb5realmdns
| Enable use of DNS to find Kerberos realms |
--disablekrb5realmdns
| Disable use of DNS to find Kerberos realms |
--enablesmbauth
| Enable SMB |
--disablesmbauth
| Disable SMB |
--smbworkgroup=
| Specify SMB workgroup |
--smbservers=
| Specify SMB servers |
--enablewinbind
| Enable winbind for user information by default |
--disablewinbind
| Disable winbind for user information by default |
--enablewinbindauth
| Enable winbindauth for authentication by default |
--disablewinbindauth
| Disable winbindauth for authentication by default |
--smbsecurity=
| Security mode to use for Samba and winbind |
--smbrealm=
| Default realm for Samba and winbind when security=ads
|
--smbidmapuid=
| UID range winbind assigns to domain or ADS users |
--smbidmapgid=
| GID range winbind assigns to domain or ADS users |
--winbindseparator=
| Character used to separate the domain and user part of winbind usernames if winbindusedefaultdomain is not enabled
|
--winbindtemplatehomedir=
| Directory that winbind users have as their home |
--winbindtemplateprimarygroup=
| Group that winbind users have as their primary group |
--winbindtemplateshell=
| Shell that winbind users have as their default login shell |
--enablewinbindusedefaultdomain
| Configures winbind to assume that users with no domain in their usernames are domain users |
--disablewinbindusedefaultdomain
| Configures winbind to assume that users with no domain in their usernames are not domain users |
--winbindjoin=
| Joins the winbind domain or ADS realm now as this administrator |
--enablewins
| Enable WINS for hostname resolution |
--disablewins
| Disable WINS for hostname resolution |
--enablehesiod
| Enable Hesiod |
--disablehesiod
| Disable Hesiod |
--hesiodlhs=
| Specify Hesiod LHS |
--hesiodrhs=
| Specify Hesiod RHS |
--enablecache
| Enable nscd
|
--disablecache
| Disable nscd
|
--nostart
| Do not start or stop the portmap, ypbind, or nscd services even if they are configured
|
--kickstart
| Do not display the user interface |
--probe
| Probe and display network defaults |