HPE Community
Operating System - HP-UX
1829582 Members
1678 Online
109992 Solutions
New Discussion

Change root password in NIS sever

 
j773303
Super Advisor

‎08-18-2004 02:39 PM

‎08-18-2004 02:39 PM

Change root password in NIS sever

Does anyone has the experinece about change root password for NIS server? After I use passwd root to change it. Then the client can't telnet and login root to the NIS sever.
Below are the nsswitch.conf

nsswitch.conf
passwd: files nis ==> this is can login to root

nsswitch.conf
passwd: nis files ==> this is can't login to root.


Should I do anything after change root password?
Hero
0 Kudos
Reply
3 REPLIES 3
A. Clay Stephenson
Acclaimed Contributor

‎08-18-2004 03:35 PM

‎08-18-2004 03:35 PM

Re: Change root password in NIS sever

change your nsswitch.conf settings for passwd and group to "compat"
passwd: compat

Make sure that root's passwd is always the first entry in each machine's local passwd file (or at least make sure it comes before the '+' entry. Always have a passwd entry for root in /etc/passwd.
If it ain't broke, I can fix that.
0 Kudos
Reply
Mark Ellzey
Valued Contributor

‎08-20-2004 03:27 AM

‎08-20-2004 03:27 AM

Re: Change root password in NIS sever

Also, don't forget to do a ypmake when you change any of the NIS maps. If the client you are logging in from is looking at the NIS slave server for password information, and you haven't done a ypmake, the slave server won't have the updated information.

Regards,
Mark
0 Kudos
Reply
Dave Olker
Neighborhood Moderator

‎08-22-2004 08:11 AM

‎08-22-2004 08:11 AM

Re: Change root password in NIS sever

Another trick some administrators use to avoid this case is they use a file other than /etc/passwd as the source of the passwd NIS maps.

They will typically create a private directory that holds the "source" files for the NIS maps and in that copy of the passwd file they will remove any priviledged users, like: root, bin, daemon, lp, etc... These priviledged users will remain in the /etc/passwd file but the file holding the passwd entries for the NIS map will only hold "regular" users.

By doing this, you can change the /etc/passwd entry for root and not worry about it being distributed to the NIS clients. Also, in this configuration, the appropriate /etc/nsswitch.conf file syntax would be:

passwd: files nis

Using "compat" does work, but it is a much slower algorithm, especially when using applications that do many searches of the passwd database, or when the passwd database contains many entries.

Regards,

Dave


I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.