System Administration

NIS problem - Windows master node, Hpux Nis client

 
ASSIST
Frequent Advisor

NIS problem - Windows master node, Hpux Nis client

Hi,

We configure a Windows 2003 NIS Master Server and two Hpux 11.23 Nis Client.
In Windows server are install Microsoft Identity Management for Unix.

In Hpux:
nsswitch.conf
passwd: compat
group: compat
hosts: dns [NOTFOUND=return] nis [NOTFOUND=return] files
ipnodes: files
networks: nis [NOTFOUND=return] files
protocols: nis [NOTFOUND=return] files
rpc: nis [NOTFOUND=return] files
publickey: nis [NOTFOUND=return] files
netgroup: nis [NOTFOUND=return] files
automount: files nis
aliases: files nis
services: nis [NOTFOUND=return] files

The last entry of /etc/passwd
+::-2:60001:::
The last entry of /etc/group
+:*:*
/etc/rc.config.d/namesvrs
NIS_CLIENT=1
NIS_DOMAIN=****domain***

We start the nis services (/sbin/init.d/nis.client start) correctly

Ypwhich works fine
# ypwhich -m
shadow NODO1
protocols.bynumber NODO1
protocols.byname NODO1
...

and #ypcat passwd works fine too
temporal2:ABCD!efgh1234:10004:104::/home/temporal2:/bin/sh

But when I try to log into the system with no-system user (any normal user) fail.
login: test
Password:
Login incorrect

If I check the syslog.log appear this message:
telnetd[24815]: getprotobyname: No such file or directory
This message appear when I do a telnet, before put the login/password.

Any idea to try solve our problem?


Perhaps the problem are in the encrypthion method?
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1137445&admit=-682735245+1182409725761+28353475
6 REPLIES 6
ASSIST
Frequent Advisor

Re: NIS problem - Windows master node, Hpux Nis client

In /etc/services telnet exist:
telnet 23/tcp # Virtual Terminal Protocol

And if I try to do a telnet with root user works fine
Nagashankarp
Frequent Advisor

Re: NIS problem - Windows master node, Hpux Nis client

try this at the end of the passwd file, just to test

+::0:0:::
ASSIST
Frequent Advisor

Re: NIS problem - Windows master node, Hpux Nis client


Thanks for the reply Nagashankar


vi /etc/passwd
Add +::0:0:::
and restart the services:
/sbin/init.d/./nis.client stop
./nis.client start
starting NIS CLIENT networking
starting up the rpcbind
/usr/sbin/rpcbind
domainname ******
starting up the Network Information Service
starting up the ypbind daemon
/usr/lib/netsvc/yp/ypbind
Checking NIS binding.
Bound to NIS server using domain clinicafiatc.
starting up the keyserv daemon
/usr/sbin/keyserv
# ypwhich
node.******.com

But the login process fail again

In syslog.log:
Jun 21 12:22:35 RP2 rpcbind: check_netconfig: Found CLTS loopback transport
Jun 21 12:22:35 RP2 rpcbind: check_netconfig: Found COTS loopback transport
Jun 21 12:22:35 RP2 rpcbind: check_netconfig: Found COTS ORD loopback transport
Jun 21 12:22:35 RP2 rpcbind: init_transport: check binding for udp
Jun 21 12:22:35 RP2 rpcbind: init_transport: check binding for tcp
Jun 21 12:22:35 RP2 rpcbind: init_transport: check binding for ticlts
Jun 21 12:22:35 RP2 rpcbind: init_transport: check binding for ticotsord
Jun 21 12:22:35 RP2 rpcbind: init_transport: check binding for ticots
Jun 21 12:22:35 RP2 syslog: ypbind: no entry in /var/yp/secureservers file
Jun 21 12:23:07 RP2 telnetd[27880]: getprotobyname: No such file or directory

secureservers file are empty because we don't need to secure the servers

Nagashankarp
Frequent Advisor

Re: NIS problem - Windows master node, Hpux Nis client

can you check the windows server (NIS Master) for errors and post the errors if any.
ASSIST
Frequent Advisor

Re: NIS problem - Windows master node, Hpux Nis client

The last week we opened a case in Hp Support but they don't find any solution.

This week we found the problem: authentication method

Solution:
To solve the problem install Kerberos software and configure pam.conf and krb5.conf.
With Kerberos the problem has been solve.

//pam.conf//
#
# Authentication Management
[...]
login auth required libpam_hpsec.so.1
login auth sufficient libpam_unix.so.1
login auth required libpam_krb5.so.1 try_first_pass

//krb5.conf//
[libdefaults]
default_realm = domain_name

[realms]
TECNO.LOC = {
kdc = server_name.domain_name:88
admin_server = name_server.domain_name:749
default_domain = domain_name
}

[domain_realm]
domain = domain
.domain = domain
#

Note: Don't need nis.client to works fine.
Maybe NIS don't works when using some authentication methods.
ASSIST
Frequent Advisor

Re: NIS problem - Windows master node, Hpux Nis client

Thread closed