HPE Community
Operating System - HP-UX
1838282 Members
3069 Online
110125 Solutions
New Discussion

Generic accounts in NIS environment

 
SOLVED
Go to solution
Rosli Ahmad
Frequent Advisor

‎08-03-2004 09:21 PM

‎08-03-2004 09:21 PM

Generic accounts in NIS environment

Hi,
We are running NIS within multiple UNIX platforms and created a number of faceless accounts. For easy recognition & administration purposes, we have replaced the encrypted value of password columns in passwd file with *GENRCACCT*. Users would use sudo to login as these generic accounts.
Our problem is: these accounts can't rlogin to other HP hosts, but works fine for Sun and Linux machines. The .rhosts entry allows connection from all hosts ie. +@allsys .
Anybody has any suggestions on how to troubleshoot this?

Thanks.
-rosli-
0 Kudos
Reply
3 REPLIES 3
Kent Ostby
Honored Contributor

‎08-04-2004 12:42 AM

‎08-04-2004 12:42 AM

Re: Generic accounts in NIS environment

My approach to troubleshooting it would be:

a) Put in one system name or IP address in with and try that.

If it works then the problem is in your format of the machine.

If it doesn't work then it doesn't like your

b) check permissions on the file
They should be 600.

c) my understanding of the "@" syntax is that you have to define a group using netgroup(4) that matches the name you use in the .rhosts file.

I'm not aware of an "allsys" construct unless this is a netgroup you have defined.

Hope that helps.

Best regards,

Kent M. Ostby
"Well, actually, she is a rocket scientist" -- Steve Martin in "Roxanne"
0 Kudos
Reply
Rosli Ahmad
Frequent Advisor

‎08-04-2004 06:13 PM

‎08-04-2004 06:13 PM

Re: Generic accounts in NIS environment

a) Put in one system name or IP address in with and try that.

If it works then the problem is in your format of the machine.

If it doesn't work then it doesn't like your

b) check permissions on the file
They should be 600.

c) my understanding of the "@" syntax is that you have to define a group using netgroup(4) that matches the name you use in the .rhosts file.

I'm not aware of an "allsys" construct unless this is a netgroup you have defined

a) I've tried that, it didn't work even with specific hostname & id.
b) permission is OK for rhosts.
c) Yes, we have an "allsys" netgroup, which constitute of other netgroups eg. allhp,allsun,allibm, etc.

Any other config files I should look into, other than .rhosts & host.equiv??

thanks.
-rosli-
0 Kudos
Reply
Dave Olker
Neighborhood Moderator

‎08-04-2004 06:21 PM

‎08-04-2004 06:21 PM

Solution

Re: Generic accounts in NIS environment

Hi Rosli,

I seem to recall hearing of a situation with rlogin and the "*" character in the entrypted password field. I believe some rlogin implementations treat * as an "account disabled" type of character and won't allow logins to work with that password.

I'd suggest trying an encrypted password field value that doesn't contain a "*" character and see if that resolves the problem.

Regards,

Dave


I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.