LinuxQuestions.org - NIS: ypserv.conf rules

Hi all,

I'm trying to get NIS to work and I have a few questions about the rules in /etc/ypserv.conf

First, when I log in to the NIS client I get this message:

id: cannot find name for user ID 511

I have narrowed the problem down to the access rules in /etc/ypserv.conf:

Code:

192.168.168.:*:*:port

has to be changed to:

Code:

192.168.168.:*:*:none

in order to work.

I don't like how this decreases security (although I'm not sure HOW it decreases security).

Code:

rpcinfo -p localhost

on the NIS client gives the following output:

100007 2 udp 1013 ypbind
100007 1 udp 1013 ypbind
100007 2 tcp 1016 ypbind
100007 1 tcp 1016 ypbind

So ypbind is running on a port < 1024. Then why aren't the maps being communicated?

The rest of my /etc/ypserv.conf looks like this:

Code:

# The following, when uncommented,  will give you shadow like passwords.

# Note that it will not work if you have slave NIS servers in your

# network that do not run the same server as you.



# Host                    : Domain  : Map              : Security

#

#*                        : *      : passwd.byname    : port

#*                        : *      : passwd.byuid    : port



# Not everybody should see the shadow passwords, not secure, since

# under MSDOG everbody is root and can access ports < 1024 !!!

*                          : *      : shadow.byname    : port

*                          : *      : passwd.adjunct.byname : port

It was set like that by default and I haven't changed it. Could this account for the trouble I'm having?

I'm also wondering about shadow passwords. Can the current NIS handle it? The above comments in /etc/ypserv.conf suggests that they can, but I've read in many places that NIS cannot do shadow passwords.

I must admit that I'm a little confused with these two questions and would appreciate if someone could shed some light on the subject.

Thanks very much!