- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Preventing NIS+ users from logging in
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-21-2001 03:20 AM
тАО08-21-2001 03:20 AM
Preventing NIS+ users from logging in
--snip--
uadm (user1,-,) (user2,-,)
users uadm (user3,-,) (user4,-,)
--snip--
All end-users workstations are NIS+ clients and Trusted systems.
Here is the expected behaviour: on workstation 1, I'd like only users belonging to map @uadm having their access granted on the system and on workstation 2, all users having normal access.
In fact, I'd like the 'compat' behaviour for passwd and group maps (thus allowing me to select granted NIS+ users), but Trusted Systems do not support this syntax (having +/- signs into /etc/passwd before conversion).
Any ideas?
Thanks a lot in advance.
Regards.
/Brian
- Tags:
- NIS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-21-2001 06:33 AM
тАО08-21-2001 06:33 AM
Re: Preventing NIS+ users from logging in
NIS+ wouldn't work if your system is trusted one.
If you wanted to achive this on your client, make the following additions in /etc/passwd file.
in workstation1 : at the end of the file just add +user1:::
+user2:::
...
....
so the user1,user2,.. can only access the workstation1.
In workstation 2 at the end of the file just add +::: and also in /etc/group file.
Now workstation2 accessible for all NIS+ users.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-21-2001 06:43 AM
тАО08-21-2001 06:43 AM
Re: Preventing NIS+ users from logging in
But in answer to the question - netgroup should function exactly as it does in a NIS environment with the proviso that nsswitch.conf has the following line :
netgroup: nisplus files
... or something similar?
Why not create a group in the netgroup called machine1_ok or something like that and add that then as the + entry ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-21-2001 06:59 AM
тАО08-21-2001 06:59 AM
Re: Preventing NIS+ users from logging in
pls go thru trusted system docs, it clearly says that NIS+ wouldn't work. if it works how can the audit takes place for all the NIS+ users who logged into system
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-21-2001 07:10 AM
тАО08-21-2001 07:10 AM
Re: Preventing NIS+ users from logging in
I can assure you NIS+ and trusted systems work quite happily together. I've implemented NIS+ servers and clients, all of which were trusted systems. NIS+ keeps itself in sync with whats going on in the local /tcb/files/auth structure. So as long as you stick your nisplus entry into your nsswitch.conf then your sorted.
What aspect of NIS+ doesn't work with trusted systems Ravi?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-21-2001 07:30 AM
тАО08-21-2001 07:30 AM
Re: Preventing NIS+ users from logging in
Auditing works perfectly well for me too, even if my system is trusted and a NIS+ client.
Barry, the + entry (in fact, the "compat" mode) does not work when the system has previously been tsconvert'd. I thought there were another way just to prevent user1 and user2 from logging into workstation1, while they can log into workstation2; a way to "disable" certain accounts on workstation1 but not on workstation2, considering that both workstations are NIS+ clients of the same NIS+ domain.
Any ideas?
TIA
/Brian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-22-2001 06:41 AM
тАО08-22-2001 06:41 AM
Re: Preventing NIS+ users from logging in
Its worth a shot!! Otherwise dump NIS+ and go back to good old NIS. ;-)
B