HPE Community
Operating System - HP-UX
1832988 Members
2309 Online
110048 Solutions
New Discussion

NIS configuration

 
SOLVED
Go to solution
Mike Rightmire
Frequent Advisor

‎07-24-2001 01:03 PM

‎07-24-2001 01:03 PM

NIS configuration

Hey Folks!

I have installed and set up an NIS server in my test domain. I have followed the steps as offered by my training course and all the correct configs have been entered and all the necessary daemons are running.

The issue is, my client cannot use the servers passwd file unless I have an entry in the local /etc/passwd of ...

+username

... My understanding is that if you enter +username entries in the local passwd file, the NIS client will allow those, and only those, NIS clients into the machine This workds fine...however I also understood that if there was NO +username entries in the local passwd file, the client would allow any and all users from the NIS servers passwd file. It is not doing this and in fact not allowing any users which are not in the local passwd file onto the machine.

I have removed all the users from the local passwd file except the UIDs under 100 (root, sys, ETC.)

Thanks again for any and all help and I look forward to your suggestions!
Mike
"If we treated each person we met as if they were carrying an unspeakable burden, we might almost treat each other as we should." Dale Carnegie
0 Kudos
Reply
7 REPLIES 7
A. Clay Stephenson
Acclaimed Contributor

‎07-24-2001 01:10 PM

‎07-24-2001 01:10 PM

Solution

Re: NIS configuration

Hi Mike,

After the users you want locally defined in the
/etc/passwd file of the NIS client, you should have an entry very similar to this:
+::-2:60001:::

You should also have an /etc/group entry like this at the end:
+:*:*

Before changing the passwd and group files make sure that ypcat passwd works on the client. If not, you need to check the settings
in /etc/rc.config.d/namesvrs and start the daemons.

Regards, Clay
If it ain't broke, I can fix that.
Reply
Ajay Sishodia
Frequent Advisor

‎07-24-2001 01:30 PM

‎07-24-2001 01:30 PM

Re: NIS configuration

Mike

check your /etc/nsswitch.conf file. If the entry for
passwd: compact
group: compact

than change it to
passwd: files nis
group: files nis

If there is no /etc/nsswitch.conf file, than copy /etc/nsswitch.nis to /etc/nsswitch.conf file.

later
Ajay

Reply
Mike Rightmire
Frequent Advisor

‎07-24-2001 01:38 PM

‎07-24-2001 01:38 PM

Re: NIS configuration

Thanks Clay! That did work. One further question however...I am doing this for my exam. The inference I got dfrom the study material is that when I set up a client to the NIS server, it is supposed to use the files (the client) it finds in the /var/yp/domanname directory (I.E. passwd.byname) and not need any entries in the local passwd file.

Are the steps you gave me simply an effective workaround, or are the necessary to get the NIS client to work under any circumstance?

By the way...ypcat DID work frmo the client before changing the passwd and group files, and the output DID show the user account I was trying to use to gt onto the box.

Also, could part of the problem have been the fact that the "named" variable in the namesvrs config file is still set to '0' on both boxes (as my manuals did not say to change them)?

Thanks again!
Mike
"If we treated each person we met as if they were carrying an unspeakable burden, we might almost treat each other as we should." Dale Carnegie
0 Kudos
Reply
Sachin Patel
Honored Contributor

‎07-24-2001 01:54 PM

‎07-24-2001 01:54 PM

Re: NIS configuration

Hi Mike,
+::-2:60001:::
entry says that any user other then above use nis map.
So this is require entry in passwd and group file.
you have named=0 in /etc/rc.config.d/namesvrs file that means you are not running named it is DNS daemon. When you start testing DNS you need this, unless then forget it.

Sachin

Is photography a hobby or another way to spend $
Reply
Shahul
Esteemed Contributor

‎07-24-2001 10:01 PM

‎07-24-2001 10:01 PM

Re: NIS configuration

Hi

Please follow these or cross check whether U have followed the same.

Step 1. Copy the client's passwd file to NIS server and merge to server's passwd file. Remove the duplicate entries.

Step 2. Copy the client's group file to NIS server and merge to server's group file. Remove the duplicate entries.

Step 3. Copy the client's hosts file and merge to server's host file.

Step 4. Sort server's /etc/passwd and /etc/group in UID and GID order respectively.

Login to master server as root and check whether the these directories are included in PATH variable.

Directories../var/yp, /usr/lib/netsvc/yp, /usr/ccs/bin

Step 5. Set the domain name by using /usr/bin/domainname

Step 6. in /etc/rc.config.d/namesvrs file set the NIS_DOMAIN variable to domain name, set NIS_MASTER=1
NIS_CLIENT=1

Step 7. Issue this command

/usr/sbin/ypinit -m

Step 8. Run these

/sbin/init.d/nis.server start
/sbin/init.d/nis.client start

Go to client side and do these

Step 1. Remove all users except root and system level entries

Step 2. Add this line as the last line of /etc/passwd file

+::-2:60001:::
Step 3. Remove all group except system level entries and add this line as the last line
+:*:*

step 4. set PATH variable and domain name same as server.

step 5. in /etc/rc.config.d/namesvrs file set NIS_DOMAIN and NIS_CLIENT variables.

Step 6. Run this

/sbin/init.d/nis.client start

Verify all this steps U have followed.

Shahul
Reply
Joshua Weage
New Member

‎07-25-2001 05:26 AM

‎07-25-2001 05:26 AM

Re: NIS configuration

I believe with HP-UX 10.20, after enabling a NIS client with sam, that sam would put the appropriate +:: entry in the passwd and group files.

This isn't the case with 11.00. You have to do it manually. If you don't have the + entries in the appropriate files, the machine will not use NIS, even if the NIS client is enabled. At least, that is my experience with HP-UX.
Reply
Mike Rightmire
Frequent Advisor

‎07-25-2001 08:51 AM

‎07-25-2001 08:51 AM

Re: NIS configuration

Hey Gang!

Well, I tried all the suggestions and it looks as though you are right. The only way to make this function is with the additions to the passwd and the group files on each client machine. It is not really a difficult thing, however my study guides neglected to mention it.

Thanks for all the help!
Mike
"If we treated each person we met as if they were carrying an unspeakable burden, we might almost treat each other as we should." Dale Carnegie
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.