cancel
Showing results for 
Search instead for 
Did you mean: 

Adding NIS user accounts

 
Andrew Kaplan
Super Advisor

Adding NIS user accounts

Hi there --

We have an NIS domain that contains a master and two NIS slave servers with the user home directories located on one of the latter systems. The master NIS server is running HP-UX 11.00 while the slave servers are running the 11.11 release.

When it comes time to add new user accounts, the home directories need to be located on the slave server. When I create the accounts, preferably through SAM, do I need to run the utility on the slave server in question, or is there a way to do this procedure on the master? If I run the procedure on the slave server, does NIS automatically update, or do I need to do the update manually? Thanks.
A Journey In The Quest Of Knowledge
16 REPLIES
Steven Schweda
Honored Contributor

Re: Adding NIS user accounts

> When I create the accounts, preferably
> through SAM, do I need to run the utility
> on the slave server in question, or is
> there a way to do this procedure on the
> master?

It's called the master for a reason. If you
want the new accounts to be in the NIS data
base, then you should probably add them on
the NIS master server.

> [...] the home directories need to be
> located on the slave server.

Who cares? Home directory paths are just
character strings in "/etc/passwd" (or
wherever). Someone probably needs to create
each user's home directory sometime, but that
operation has little to do with NIS. If you
want SAM to create the things, then it'd help
if it could use NFS (or something) to do
that, but (without actually looking) I'd
assume that you could create the directory
outside of SAM, and tell SAM not to worry its
pretty little head.
Viktor Balogh
Honored Contributor

Re: Adding NIS user accounts

After you have edited the NIS maps on the master server, you must do a ypmake to rebuild the NIS database and a yppush to propagate the new maps to the slaves. I don't know the SAM way. If you have automounter NIS maps, edit these too (that's because we do this everytime manually and not with SAM) and after that create the home on the slave that operating as NFS server. That's it. And do not forget to change the ownership of the home!
****
Unix operates with beer.
Steven E. Protter
Exalted Contributor

Re: Adding NIS user accounts

Shalom,

Add the accounts on the master server. You should not have to create home directories on the slaves manually if NIS is working right and the home directory is present.

ypmake

# When done.

All NIS accounts must be created on the master server.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Andrew Kaplan
Super Advisor

Re: Adding NIS user accounts

Hi there --

I went through the motions of creating a new user account on the master NIS server and running the ypmake command after the user account was created. There were no apparent error messages. Because the slave NIS server is where the user home directory will be located, I ran the chown and chmod commands on the master NIS server so that root would own the newly created directory and only root would have access to it.

I then went to the slave NIS server, and created a copy of the user home directory. The problem that I am seeing is the following: When I tried to change the ownership of the directory on the slave server so the user account would own it, the error message I encountered was the following:

unknown user id

When I log into the any of the nis servers or clients as the user in question, I am able to do so. However, because the home directory on the slave server is still owned by root, the user account cannot save any files within it. I ran the ypcat passwd command with the username, and it did give the expected output for the user.

I tried running the ypxfr passwd.byname and the ypxfr passwd.byuid commands from the slave nis server, but the response I got in both cases was the mapfile on the master nis server was not newer than that on the slave server.
A Journey In The Quest Of Knowledge
Steven Schweda
Honored Contributor

Re: Adding NIS user accounts

As usual, I'd prefer to see the actual
commands with their actual output, instead of
these confusing descriptions. References to
"the newly created directory" and "created a
copy of the user home directory" are not
telling me anything which I can grasp
securely.

> unknown user id

> When I log into [...] I am able to do so.

These would seem (to me) to be inconsistent.

Potentially interesting info:

Contents of "/etc/nsswitch.conf" files.

Output from "domainname" everywhere.

Output from "ypwhich -m" everywhere.

Output from "ypcat passwd | grep "
where the chown command fails.

The actual failing chown command, and enough
"ls -l" output to show what's what, where.
Viktor Balogh
Honored Contributor

Re: Adding NIS user accounts

>"...and it did give the expected output for the user."

At least, the output YOU have expected.
yepp, Steven has right. If you want us to help you, provide the exact commands and its outputs.
****
Unix operates with beer.
Andrew Kaplan
Super Advisor

Re: Adding NIS user accounts

Hi there --

Sorry about the confusion. The commands in question are the following:

1. When trying to change the ownership of the directory on the slave NIS server, the command syntax was the following:

chown baw32:users baw32

This generated the error:

unknown user id baw32

The contents of the /etc/nsswitch.conf file are included as an attachment to this posting.

The output of the domainname command from both master and slave nis servers is radonc. This is the correct name of the domain.

The output of the ypwhich -m command, which was also run on the master and slave servers, is shown below:

netgroup.byuser space
ypservers space
servi.bynp space
auto.master space
mail.aliases space.mgh.harvard.edu
mail.byaddr space
netid.byname space
publickey.byname space
services.byname space
rpc.bynumber space
protocols.bynumber space
protocols.byname space
passwd.byuid space
passwd.byname space
networks.byname space
networks.byaddr space
netgroup.byhost space
group.byname space
rpc.byname space
netgroup space
hosts.byname space
hosts.byaddr space
group.bygid space

The space server is the master nis server, so the output appears to be correct.

The output for the ypcat passwd command on the slave nis server, where the problem is occurring is shown below:

baw32:NAXMnjvsqzIm6:225:20:,,,:/usr/oahu/baw32:/usr/local/bin/tcsh

Here is the output of the chown commmand that is failing:

root@cosmos1:/user2> pwd
/user2
root@cosmos1:/user2> chown baw32:users baw32
chown: unknown user id baw32

A Journey In The Quest Of Knowledge
Viktor Balogh
Honored Contributor

Re: Adding NIS user accounts

>root@cosmos1:/user2> chown baw32:users baw32
>chown: unknown user id baw32

I think you must propagate your NIS maps the slaves with yppush. Though I don't know why this user can be found in ypcat passwd. These two seems inconsistent. Try "su baw32" on the slave and post the output.
****
Unix operates with beer.

Re: Adding NIS user accounts

Since ypcat works, what do you have at the end of your /etc/passwd file? That "+" entry?
Andrew Kaplan
Super Advisor

Re: Adding NIS user accounts

Hi there --

I ran the su baw32 on the slave NIS server, and the output is the following:

su baw32
su: Unknown id: baw32

The end of the /etc/passwd file, assuming the one in question is that on the slave, does not contain any of the 'traditional' + and other symbols.

It should be noted that the master NIS server is running HP-UX 11.00 while its slave counterpart is running HP-UX 11.11.


A Journey In The Quest Of Knowledge

Re: Adding NIS user accounts

>The end of the /etc/passwd file, assuming the one in question is that on the slave, does not contain any of the 'traditional' + and other symbols.

Then your slave won't know about that UID. Either it has to be in passwd(4) or found with NIS.

Re: Adding NIS user accounts

If you don't want to fiddle with passwd(4), due to chicken and egg issues?, I assume you can just use UIDs and not names:
chown 225:users /user2/baw32
Andrew Kaplan
Super Advisor

Re: Adding NIS user accounts

Hi there --

I ran the command chown 225:users /user2/baw32, and that was successful. As a test, I logged in as the user baw32, and ran touch test command. The file was created in the user's home directory.

It was suggested also, the /usr/sbin/pwgrd binary be stopped and restarted. Once that was done, I ran the pwget -u baw32 command, and this time the slave nis server recognized the user account.

It appears the stopping and restarting of the pwgrd binary solved the problem. Thanks again for the help.
A Journey In The Quest Of Knowledge

Re: Adding NIS user accounts

>Thanks again for the help.

If you are happy with your answers, please read the following about how to assign points:
http://forums.itrc.hp.com/service/forums/helptips.do?#33
Andrew Kaplan
Super Advisor

Re: Adding NIS user accounts

The button that will allow me to assign points is not showing up on the web page. Any ideas?
A Journey In The Quest Of Knowledge

Re: Adding NIS user accounts

>The button that will allow me to assign points is not showing up on the web page.

It appears you have two IDs. You must use your original/author one:
http://forums.itrc.hp.com/service/forums/publicProfile.do?userId=BR710975&forumId=1