LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 05-30-2012, 09:18 AM   #1
KaMe
LQ Newbie
 
Registered: Apr 2012
Posts: 10

Rep: Reputation: Disabled
User cannot login to NIS-client


Hello everyone,
first I want to excuse myself for any mistakes in the text, since I am not an English native speaker.

A colleague asked me to setup two virtual machines, both running with SUSE Linux Enterprise Server 11, and also to use NIS.

My problem now is that I cannot login to the client-server as user, only root is working.

I know there already have been quite a lot of posts regarding this problem, but I haven't found a solution that worked for me yet. Even so I use linux for some years; I am new to the whole administrator thing.

When I try to login to the client via ssh I always get: " Permissions on the password data base may be too restrictive."

Is there anything else, I should have done after setting up NIS?
As far as I did understand the NIS how-to documentation, I should have been able to login to the client after the set up was finished.

Best wishes.
 
Old 05-30-2012, 06:27 PM   #2
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 3,992

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
You have to have 1 NIS server running. Not one on both machines.
You have to have NIS client running at least on the client. It is up to you if you want to run it on the NIS server as well.
Check the default settings on the NIS server. Is server enabled?
Check the default settings on the NIS client. Is client enabled?
On the client kill ypbind, and start it with sudo ypbind -debug. What do you see.
How did you configure the VM network? You should have uses a bridged network adapter on the server as to allow access from outside.
How did you configure yp.conf. Does it hold the server IP address and not the name?
What is the contents of hosts.allow?

This should keep you busy for a while

jlinkels
 
Old 06-07-2012, 09:34 AM   #3
KaMe
LQ Newbie
 
Registered: Apr 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
Hello and thank you for your answer.
Maybe I made a mistake in expressing the problem, but there is only one NIS server.
I checked the settings on the master server and the client with Yast and the master is enabled on the master server and the same goes for the client.
When I ran sudo ypbind -debug I get the output:
parsing config file
Trying entry: ypserver <IP-address of master server>
parsed ypserver <IP>
ass_server() domain: <domain>, host: <IP>, slot:0
[Welcome to ypbind-mt, version 1.22]
Ping interval is 20 seconds
NetworkManager is not running.
Ping host '<IP>', domain '<domain>'
Answer for domain '<domain>' from server '<IP>'
Pinging all active servers.
Pinging all active servers.

I skipped the initial numbers, but as far as I understand there shouldn't be any problems.
I am not sure how the VM network is configured and if there is such an adapter.
The yp.conf on the client holds the IP address of the master.
Following are the contents of hosts.allow:
in.rshd: XXX.XXX.XX. (<- IP of the master without the last to numbers)
in.logind: XXX.XXX.XX.
portmap: XXX.XXX.XX.
sshd: XXX.XXX.XX.
 
Old 06-07-2012, 06:20 PM   #4
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 3,992

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
That looks all reasonable.

What does this command yield:
ypcat passwd
Run it on the client where you have ypbind running. You can run ypbind -debug in one virtual console and the ypcat command in another console.

After you did that (and it should fail) check on the server /var/log/syslog, /var/log/messages, and /var/log/auth.log for anything mentioning nis or yp.

jlinkels
 
Old 06-08-2012, 02:55 AM   #5
KaMe
LQ Newbie
 
Registered: Apr 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
Hello,

I just run ypcat passwd and got a list of all users and their home directories among other things.

So in /var/log/messages I didn't found anythiny mentioning nis or yp. For syslog and auth.log, they don't exist in my /var/log directory. I only found syslog in /etc/logrotate.d and /etc/sysconfig, but I guess those aren't the files you meant.

Best whishes
 
Old 06-08-2012, 05:40 AM   #6
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 3,992

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
Then nis is working.

One last thing. Have you added these lines as last lines to /etc/passwd and /etc/group on the client:

/etc/passwd: +::::::
/etc/group: +:::

That is, the last line in /etc/passwd must be the character plus followed by 6 colons. The last line in /etc/group must be the character plus followed by 3 colons.

jlinkels

Last edited by jlinkels; 06-08-2012 at 07:51 AM.
 
Old 06-08-2012, 05:45 AM   #7
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
Which maps do you distribute, also the “shadow”?
 
Old 06-08-2012, 06:17 AM   #8
KaMe
LQ Newbie
 
Registered: Apr 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
It was correct in /etc/passwd, in /etc/group it wasn't the last line.
But I still can't login.
Btw, I have colons instead of semicolons does that make any difference.

Last edited by KaMe; 06-08-2012 at 06:24 AM.
 
Old 06-08-2012, 07:51 AM   #9
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 3,992

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
must be colons, sorry, my bad

jlinkels

Last edited by jlinkels; 06-08-2012 at 08:51 AM.
 
Old 06-11-2012, 03:21 AM   #10
KaMe
LQ Newbie
 
Registered: Apr 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
@ Reuti

As far as I noticed the "shadow"-map isn't distributed.

There are auto.master, ethers, group, hosts, networks and passwd distributed.
 
Old 06-11-2012, 04:33 AM   #11
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
Then it’s necessary to distribute this map too. Normal users can’t execute ypcat shadow on this. There is also the option to join passwd and shadow maps (so that it’s sufficient to distribute passwd map), but I wouldn’t recommend to do so, as then the hash value will be output on a ypcat passwd.
 
Old 06-11-2012, 06:05 AM   #12
KaMe
LQ Newbie
 
Registered: Apr 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
I now added shadow to the list, but my problem is still the same.
Is there anything else I should do?
 
Old 06-11-2012, 06:19 AM   #13
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
On the NIS server you also got a file /var/yp/<NIS-domainname>/shadow.byname now?

What’s your settings for passwd and shadow in /etc/nsswitch.conf, is it set to compat on the clients?
 
Old 06-11-2012, 06:30 AM   #14
KaMe
LQ Newbie
 
Registered: Apr 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
shadow and passwd are set to compat.

I don't have the shadow.byname file. What do I have to run to get that?
 
Old 06-11-2012, 06:31 AM   #15
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
Then the tables need to be rebuild:
Code:
$ make -C /var/yp
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] NIS server:- how to set user must change his passwd on first login form client anujkaushal Linux - Server 4 09-07-2011 01:11 AM
Unable to login to NIS client machine(Ubuntu) using NIS login user name crazymoonboy Linux - Server 7 11-27-2009 02:29 AM
auto mount to nfs home dir when user login to nis client lijianatusa Linux - Newbie 4 02-25-2009 11:38 PM
NIS prob: added user to server, but can't login to client BrianK Linux - General 3 10-06-2004 04:29 PM
nis client login - user home dir not fnd synfield Linux - Networking 0 03-27-2003 03:51 AM


All times are GMT -5. The time now is 08:45 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration