HPE Community
Operating System - HP-UX
1848181 Members
7195 Online
104022 Solutions
New Discussion

NIS Login problem

 
SOLVED
Go to solution
Ranjith_5
Honored Contributor

‎03-23-2005 06:05 PM

‎03-23-2005 06:05 PM

NIS Login problem

Hi Experts,

Im not able to login on a newly configured nis client.

Following are my observations.
===============================

My NIS slave server and nis client is the same host.

#ypwhich points to the slave hostname and #domainname points to the NIS domain.
#nsllokup resolves properly using the NIS server.

If Iam logging in on the NIS client with root user and doing the su - nisuser works fine.

#yppasswd nisuser not allowing to change the password. The old passwords given was not accepting.

but I am able to login to the nis server with the same password what I am giving while doing #yppasswd nisuser


I have attached the output of a lot of NIS commands from the client side.

Request your help. Thanks in Advance.


Regards,
Syam
0 Kudos
Reply
10 REPLIES 10
Betty Fessler
Frequent Advisor

‎03-25-2005 02:46 AM

‎03-25-2005 02:46 AM

Re: NIS Login problem

I'm assuming that you nis master has this hostname in nis hosts and ypservers and that you rebooted this host after you made it a nis slave/client.
0 Kudos
Reply
Ranjith_5
Honored Contributor

‎04-04-2005 10:30 PM

‎04-04-2005 10:30 PM

Re: NIS Login problem

Hi Betty,

Was unable to be in touch for the last few weeks. Im sorry for the same to all.

I am not able to get you. Can any one explain pls.

Regards,
Syam
0 Kudos
Reply
V. Nyga
Honored Contributor

‎04-05-2005 12:53 AM

‎04-05-2005 12:53 AM

Solution

Re: NIS Login problem

Hi Syam,

I'm not the expert, but I can tell you the differences to my files.
Can you try this at the client side:
in /etc/passwd erase the NIS-user and only let one '+' at the end of the file.
The same you should do in the /etc/group file.

Also you should check if there's a directory in /var/yp with your NIS domain name. It shouldn't be there for a slave server. Only if your master server goes down it has to be created.

HTH
Volkmar
*** Say 'Thanks' with Kudos ***
Reply
Ranjith_5
Honored Contributor

‎04-05-2005 01:21 AM

‎04-05-2005 01:21 AM

Re: NIS Login problem

Oyeeeeeeeeeeeee Oyeeeeeeeeee

Nyga.......,

Who said you are not expert...

I had missed to put the escape entry in /etc/group file. My understanding was that we need to put escape entries in /etc/passwd only.

Now I understand that /etc/group also need escape entries.

I added +nisuser at the end of the /etc/group of my nis client machine.

Now I am able to login.

Thanks Thanks Thanks..and Thanks a lot.

Regards,
Syam
0 Kudos
Reply
Ranjith_5
Honored Contributor

‎04-05-2005 01:31 AM

‎04-05-2005 01:31 AM

Re: NIS Login problem

Nyga,

I heard NIS is not that secure. Any comments?

Is NIS+ more secure?

I have a trusted system environment on all the servers which I am having now.

Will all the security features offered by a trusted system can be available if I use NIS/NIS+?

Thanks for your response.

Regards,
Syam
0 Kudos
Reply
V. Nyga
Honored Contributor

‎04-05-2005 01:43 AM

‎04-05-2005 01:43 AM

Re: NIS Login problem

Hi agian,

great that it worked - but I've no experience with differences between NIS and NIS+. NIS works for me - maybe the real experts can help :-)

I think I've read here in the forum, that NIS+ is better - have you done a search yet?

Volkmar
*** Say 'Thanks' with Kudos ***
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎04-05-2005 03:01 AM

‎04-05-2005 03:01 AM

Re: NIS Login problem

NIS is not secure because a "ypcat passwd" will return all the hashed passwds which can then be subjected to a dictionary attack (e.g. crack). NIS will also not work in a Trusted environemnt. NIS+ will work in a trusted environment and is more secure than NIS+. You can configure it so that all the users see from an niscat passwd is '*'.

NIS+ is generally considered to be more difficult to set up and having used both I tend to agree although my assessment is that NIS+ is not that much more difficult but it is very different. In fact, your knowledge of NIS may hurt you more than help you when setting upo NIS+; they are that different.
NIS+ would be a reasonably good choice except for one thing -- it's going away.

You really should be migrating to LDAP.

If it ain't broke, I can fix that.
Reply
Ranjith_5
Honored Contributor

‎04-05-2005 03:41 AM

‎04-05-2005 03:41 AM

Re: NIS Login problem

Hi Clay & Nyga,

Thanks for your replies.

Clay,

You mean to say that NIS/NIS+ & LDAP will do the same purpose? My basic idea is to manage the users and group from single server. Right now that is my aim.

Al my systems are trusted. So I think I need to setup a NIS+ server.

Clay, do you have any cookbook style documentation for NIS+. It will be very much useful for me if you could share it.

Thanks in advance.

Regards,
Syam
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

‎04-05-2005 04:02 AM

‎04-05-2005 04:02 AM

Re: NIS Login problem

Hi Syam,

I should consider a combination of ldap and nis.

http://docs.hp.com/en/J4269-90028/ch01s01.html

http://docs.hp.com/en/J4269-90028/index.html

Best regards,
Robert-Jan
0 Kudos
Reply
Ranjith_5
Honored Contributor

‎04-05-2005 04:26 AM

‎04-05-2005 04:26 AM

Re: NIS Login problem

Anyone have the step by step procedure to configure NIS+ or LDAP?

Regards,
Syam
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.