LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 07-10-2008, 09:24 PM   #1
Hanzo
LQ Newbie
 
Registered: Jul 2008
Posts: 26

Rep: Reputation: 15
Angry The problem about NIS


I set up the NIS Server and client.
NIS Server:Red Hat Enterprise Linux ES release 4 (Nahant Update 4)
NIS Client:Red Hat Enterprise Linux AS release 3 (Taroon Update 6)

What I wanna implement is when NIS client uses the command
Code:
ypcat passwd
, I want the NIS client to display
Code:
dstest:x:500:500::/home/dstest:/bin/bash
, not
Code:
dstest:$1$6fC1ju5n$.431bYi.7bQdByaYtKjwo.:500:500::/home/dstest:/bin/bash
Thank you so much!
 
Old 07-10-2008, 09:56 PM   #2
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 63
I don't know how up to date this information is, but see:

7.6. Shadow Passwords with NIS
http://www.linux-nis.org/nis-howto/H...up_client.html
 
Old 07-13-2008, 09:22 PM   #3
Hanzo
LQ Newbie
 
Registered: Jul 2008
Posts: 26

Original Poster
Rep: Reputation: 15
Why the root user can execute "ypcat passwd", but dstest can't.

I modified the file: /var/yp/Makefile. Here is the content:
Code:
B=
NOPUSH=true
MINUID=500
MINGID=500

NFSNOBODYUID=65534
NFSNOBODYGID=65534

MERGE_PASSWD=false

MERGE_GROUP=true

AWK = /usr/bin/gawk
MAKE = /usr/bin/gmake
UMASK = umask 066

YPSRCDIR = /etc
YPPWDDIR = /etc
YPBINDIR = /usr/lib/yp
YPSBINDIR = /usr/sbin
YPDIR = /var/yp
YPMAPDIR = $(YPDIR)/$(DOMAIN)

GROUP       = $(YPPWDDIR)/group
PASSWD      = $(YPPWDDIR)/passwd
SHADOW      = $(YPPWDDIR)/shadow
GSHADOW     = $(YPPWDDIR)/gshadow
ADJUNCT     = $(YPPWDDIR)/passwd.adjunct
#ALIASES     = $(YPSRCDIR)/aliases  # aliases could be in /etc or /etc/mail
ALIASES     = /etc/aliases
ETHERS      = $(YPSRCDIR)/ethers     # ethernet addresses (for rarpd)
BOOTPARAMS  = $(YPSRCDIR)/bootparams # for booting Sun boxes (bootparamd)
HOSTS       = $(YPSRCDIR)/hosts
NETWORKS    = $(YPSRCDIR)/networks
PRINTCAP    = $(YPSRCDIR)/printcap
PROTOCOLS   = $(YPSRCDIR)/protocols
PUBLICKEYS  = $(YPSRCDIR)/publickey
RPC         = $(YPSRCDIR)/rpc
SERVICES    = $(YPSRCDIR)/services
NETGROUP    = $(YPSRCDIR)/netgroup
NETID       = $(YPSRCDIR)/netid
AMD_HOME    = $(YPSRCDIR)/amd.home
AUTO_MASTER = $(YPSRCDIR)/auto.master
AUTO_HOME   = $(YPSRCDIR)/auto.home
AUTO_LOCAL  = $(YPSRCDIR)/auto.local
TIMEZONE    = $(YPSRCDIR)/timezone
LOCALE      = $(YPSRCDIR)/locale
NETMASKS    = $(YPSRCDIR)/netmasks

.....
I modified the option of "MERGE_PASSWD" from "true" to "false".
I added the user name "dstest". And run the command "passwd dstest" and execute the "make" command.

When I run the command "ypcat passwd" on the nis client as root, it displayed
Code:
dstest:x:500:500::/home/dstest:/bin/bash
But when I run the command " su - dstest" on the nis client, after log into, I execute the "ypcat passwd" command, it displayed
Code:
No such map passwd.byname. Reason: No such map in server's domain
Here is the content when I execute the "ypwhich -x" as dstest:
Code:
Use "ethers"    for map "ethers.byname"
Use "aliases"   for map "mail.aliases"
Use "services"  for map "services.byname"
Use "protocols" for map "protocols.bynumber"
Use "hosts"     for map "hosts.byname"
Use "networks"  for map "networks.byaddr"
Use "group"     for map "group.byname"
Use "passwd"    for map "passwd.byname"
Here is the content of nis client's file: /etc/yp.conf
Code:
domain nistest server hostname.domainname.com # sorry, I can't tell you what the real name is
Here is the content of nis client's file: /etc/nsswitch.conf
Code:
passwd:     files nis
shadow:     files nis
group:      files nis
hosts:      files nis dns
bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files nisplus nis
rpc:        files
services:   files nisplus nis
netgroup:   files nisplus nis
publickey:  nis
automount:  files nisplus nis
aliases:    files nisplus
Here is the content of nis server's file:/etc/ypserv.conf
Code:
dns: no
files: 30
slp: no
slp_timeout: 3600
xfr_check_port: yes
*                          : *       : passwd.byname    : port
*                          : *       : shadow.byname    : port
*                          : *       : passwd.adjunct.byname : port
Here is the content of nis server's file: /etc/pam.d/login
Code:
auth       required     pam_securetty.so
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth

session    required     pam_selinux.so close
session    required     pam_stack.so service=system-auth
session    required     pam_loginuid.so
session    optional     pam_console.so

session    required     pam_selinux.so open
Here is the content of nis server's file: /etc/pam.d/system-auth
Code:
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so
account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account     required      /lib/security/$ISA/pam_permit.so

password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_first use_au
thtok
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
Also, here is the problem after I use " su - dstest" and execute the command "id dstest":
Code:
id: dstest: No such user
Why the root user can execute "ypcat passwd", but dstest can't.
By the way, the all machines are in the same Lan.

Please help me. Thank you very much!

Last edited by Hanzo; 07-13-2008 at 10:08 PM.
 
Old 07-14-2008, 03:04 AM   #4
Hanzo
LQ Newbie
 
Registered: Jul 2008
Posts: 26

Original Poster
Rep: Reputation: 15
Could anyone pay attention to this problem? Many thanks!
 
Old 07-14-2008, 03:31 AM   #5
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 63
I'm sorry, I'm rusty on NIS under Linux - its been a while.

You might need to reinitialize the NIS database, with /usr/lib/yp/ypinit -m. The Makefile compares the source timestamp (eg. /etc/passwd, /etc/shadow), and updates the destination (eg. .db) file if the source is newer than the existing .db file. I don't think the Makefile recognizes changes to itself.
 
Old 07-14-2008, 03:43 AM   #6
Hanzo
LQ Newbie
 
Registered: Jul 2008
Posts: 26

Original Poster
Rep: Reputation: 15
Hi,buddy:
After executing the command "/usr/lib/yp/ypinit -m" ,I compared the local /etc/passwd and /etc/shadow with /var/yp/nistest(nis domainname) on nis server. The time stamp of /var/yp/nistest/passwd.byname is more later than /etc/passwd and /etc/shadow. Then, what can we conclude?
What am I gonna do next?
 
Old 07-14-2008, 03:45 AM   #7
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 63
Well, you can conclude the db file was updated. Did you test again afterwards ?
 
Old 07-14-2008, 03:58 AM   #8
Hanzo
LQ Newbie
 
Registered: Jul 2008
Posts: 26

Original Poster
Rep: Reputation: 15
Sorry, where can I check those db files?
 
Old 07-14-2008, 04:37 AM   #9
Hanzo
LQ Newbie
 
Registered: Jul 2008
Posts: 26

Original Poster
Rep: Reputation: 15
I checked the time stamp of all files under /var/yp/nistest. They are much later than /etc/passwd and /etc/shadow. What else?
 
Old 07-14-2008, 08:19 PM   #10
Hanzo
LQ Newbie
 
Registered: Jul 2008
Posts: 26

Original Poster
Rep: Reputation: 15
Can anyone continue to answer this question?
 
Old 07-16-2008, 03:12 AM   #11
Hanzo
LQ Newbie
 
Registered: Jul 2008
Posts: 26

Original Poster
Rep: Reputation: 15
Talking [Solved] this issue

I sovled this problem.
I installed NIS on ubuntu. And make a rhel3 as NIS client. It works. That's it.
I really appreciate Mr.C.'s help!
 
Old 07-16-2008, 03:19 AM   #12
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 63
OH, darn, I'm sorry I didn't get back to you. I've been busy up until tonight, and didn't have access to a Linux system to download the NIS server. But glad you got it working.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
solaris nis server and linux nis client configuration soumalya Solaris / OpenSolaris 1 04-08-2008 11:25 PM
NIS: NIS running but users not able to log in with NIS credentials outerspace Linux - Server 3 10-17-2007 08:51 AM
NIS-Problem - search for NIS-Guru or SuSE Profesional krischeu MEPIS 0 06-16-2005 07:21 AM
How to setup a solaris NIS client while with a Linux NIS server? ntcm Linux - Networking 1 03-31-2004 07:51 AM
How to setup a Solaris NIS client while with a Linux NIS server? ntcm Linux - General 1 03-31-2004 06:10 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 08:55 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration