The default write permissions are not suitable because users could change attributes such as uid and gid to circumvent standard UNIX security measure, e.g., set uid=0.
A3:
/etc/pam.conf and /etc/nsswitch.conf .
A4:
Enumeration requests are directory requests that request all entries from a database, e.g., all users or all groups. Enumeration requests could reduce network and server performance because a search of many entries is required, which could consume a large amount of server CPU and memory, before being passed back to the requester, which could consume large amounts of network bandwidth.
A5:
We could use the HP-UX Shadow Password downloadable product that will give us a /etc/passwd file with an asterisk (*) in the password field and have a matching /etc/shadow file that contains our encrypted UNIX passwords. The HP-UX Shadow Password product and LDAP can coexist, while LDAP and HP-UX Trusted Systems cannot coexist.