LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 10-04-2009, 06:31 PM   #1
catbird
LQ Newbie
 
Registered: Oct 2006
Posts: 26

Rep: Reputation: 16
NIS failed for one user on one NIS client - strange problem resolved


First let me say, I inherited this shop. NIS is working fine... and has for years with one exception...

One user named jpeters (not really ... just made that up) couldn't ssh into the network but she only had problems ssh'ing into one server named frodo (nis client). Other users were / are able to ssh into frodo so I know the daemon is running. (I saw the other thread that sounds exactly like my problem - but the solution didn't make sense because I don't have any other domains. Oh and I do *not* have sldap running anywhere.)

When jpeters ssh'd into frodo it failed: "permission denied."
Jpeters can, however, ssh into all the other NIS client servers. On the problem box, frodo, if I:
# ypmatch jpeters passwd

frodo returns the info stored on the NIS Master (gandalf). I verified this from several other servers too. All are pointing to the NIS master.

Then I discover that jpeters also has a local user account on frodo. I deleted (userdel) her from the local users on frodo.
While this *did* successfully remove her record from frodo's local /etc/passwd file it didn't remover her from the /etc/group

Question 1: Shouldn't userdel have removed her group entry?

So I then used vi to manually remover her from frodo's /etc/group

But, still, she couldn't ssh into frodo and I'm tempted to tell her to STOP trying to ssh into frodo ..., but then I noticed that, unlike the users that are successful at ssh'ing into frodo, user jpeters belonged to several groups including "wheel." So I changed this in the /etc/groups on the NIS master server so she no longer belongs to the wheel group.

She still could't ssh into frodo though.

I then ssh'd into frodo as root. and as root I su'd to jpeters:
# su - jpeters
# yppasswd

but now something is different - I'm jpeters now and I when I entered jpeters password to authenticate the password request change, NIS *did* recognized her password!

I then changed the password and the changes were successful. jpeters can now ssh from all the servers including frodo.

Question 2: Do you think that taking jpeters out of the wheel group resolved the problem? Or did I just forget to make or restart or rebind something...

In trying to troubleshoot this problem I've learned a great deal but I'm also confused because as I said, NIS is working yet many of the things that people in the forum said to check aren't there for example:
# ypcat ypservers

returns nothing

Question 3) how can this work if ypcat servers returns nothing?

Question 4) why does my passwd file on the nis server contain encrypted password for some users? Most have x in the password field but a few have gobbledgook. All the users that I have personally added appear this way. What am I doing wrong? And how do I fix it?

TIA
 
Old 10-05-2009, 11:00 AM   #2
snowtigger
Member
 
Registered: Mar 2005
Location: england
Distribution: slackware, win2k
Posts: 364

Rep: Reputation: 34
For question 4 look at http://linux.die.net/man/8/pwconv

If you manually put entries in passwd then shadow is not updated and the passwords will be stored in passwd (the gobbledgook instead of an "x")

Be carefull with pwconv, you might end up with double entries in shadow. As an alternative you could manually put them in shadow.

 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to login to NIS client machine(Ubuntu) using NIS login user name crazymoonboy Linux - Server 7 11-27-2009 02:29 AM
How to setup a solaris NIS client while with a Linux NIS server? ntcm Linux - Security 2 03-31-2004 12:43 PM
How to setup a solaris NIS client while with a Linux NIS server? ntcm Linux - Networking 1 03-31-2004 07:51 AM
How to setup a Solaris NIS client while with a Linux NIS server? ntcm Solaris / OpenSolaris 1 03-31-2004 06:10 AM
How to setup a Solaris NIS client while with a Linux NIS server? ntcm Linux - General 1 03-31-2004 06:10 AM


All times are GMT -5. The time now is 05:32 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration