HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- To implement TCB in NIS server
Operating System - HP-UX
1834280
Members
1963
Online
110066
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2005 07:16 AM
06-26-2005 07:16 AM
To implement TCB in NIS server
We are having 60 HP Workstation (C – Class 3700) for mainly using for Unigraphics, Catia & ideas (CAD CAM Software).
One of the workstation we converted as a NIS server & all users configured in that. So each workstation is configured
As NIS client. In this setup we have to implement Trusted System (TCB) . The problem is when I convert a TCB in
any one of the workstation ( NIS Client) it is not accepting and giving error as NIS cannot be configured because this host is a trusted system. That is simply either NIS work or Trusted System Work ??
So suggest me is it possible to implement TCB in NIS server atleast or How could be this implemented in a better way.
Regards,
Reejesh.
One of the workstation we converted as a NIS server & all users configured in that. So each workstation is configured
As NIS client. In this setup we have to implement Trusted System (TCB) . The problem is when I convert a TCB in
any one of the workstation ( NIS Client) it is not accepting and giving error as NIS cannot be configured because this host is a trusted system. That is simply either NIS work or Trusted System Work ??
So suggest me is it possible to implement TCB in NIS server atleast or How could be this implemented in a better way.
Regards,
Reejesh.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2005 07:26 AM
06-26-2005 07:26 AM
Re: To implement TCB in NIS server
A trusted system is only supported using NIS+ and not NIS.
Sudeesh
Sudeesh
The most predictable thing in life is its unpredictability
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2005 07:44 AM
06-26-2005 07:44 AM
Re: To implement TCB in NIS server
You best bet would be to go with something like LDAP.
NIS is NOT supported in a trusted system environment.
NIS is NOT supported in a trusted system environment.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2005 01:55 PM
06-26-2005 01:55 PM
Re: To implement TCB in NIS server
hi reejesh
Unfortunately, using shadow passwords and NIS is not
supported. You would have to trust the system to use them.
This combination is supported, however, at HP-UX 11.0 using
NIS+. The following information is from the 11.0 release notes:
NIS+ and the Name Service Switch
************************************************************************
All of the public getprpw* and putprpw* APIs are aware of the Name
Service Switch and can be used in a distributed environment using NIS+.
You can centrally administer a subset of security attributes from any
NIS+ server or any authenticated client. You can configure C2/NIS+
operations via the /etc/nsswitch.conf file. This configuration file can
be configured to obtain protected password information from local files
or NIS+ tables.
libsec uses the NIS+ password table and HP's proprietary trusted table.
The password table contains a subset of trusted mode security attributes
in the shadow column to handle password aging. The trusted table
contains a different subset of security attributes that can be
administered centrally in an NIS+ namespace.
If NIS+ is configured, libsec's public APIs can obtain protected
password information from three different areas: local system, password
tables, and trusted tables (depending on the configuration of the
/etc/nsswitch.conf file).
libsec does not contain any reference to NIS+ library calls and it is
entirely dependent on the Name Service Switch for multi-user mode. The
switch directs libsec to the correct repository where protected password
information resides.
In single-user-mode, trusted mode and NIS+ is not supported. Also, the
archive version of libsec (libsec.a) does not support NIS+.
libsec only supports NIS+, not NIS(YP). An above-average level of
understanding of NIS+ is required to administer trusted mode in a
distributed environment. If you use libsec, you must understand the
relationship of NIS+ and the Name Service Switch and configuration of
NIS+. Some protected password information might not be returned by the
public APIs if the switch is used and NIS+ is not configured.
regards
Vinod K
Unfortunately, using shadow passwords and NIS is not
supported. You would have to trust the system to use them.
This combination is supported, however, at HP-UX 11.0 using
NIS+. The following information is from the 11.0 release notes:
NIS+ and the Name Service Switch
************************************************************************
All of the public getprpw* and putprpw* APIs are aware of the Name
Service Switch and can be used in a distributed environment using NIS+.
You can centrally administer a subset of security attributes from any
NIS+ server or any authenticated client. You can configure C2/NIS+
operations via the /etc/nsswitch.conf file. This configuration file can
be configured to obtain protected password information from local files
or NIS+ tables.
libsec uses the NIS+ password table and HP's proprietary trusted table.
The password table contains a subset of trusted mode security attributes
in the shadow column to handle password aging. The trusted table
contains a different subset of security attributes that can be
administered centrally in an NIS+ namespace.
If NIS+ is configured, libsec's public APIs can obtain protected
password information from three different areas: local system, password
tables, and trusted tables (depending on the configuration of the
/etc/nsswitch.conf file).
libsec does not contain any reference to NIS+ library calls and it is
entirely dependent on the Name Service Switch for multi-user mode. The
switch directs libsec to the correct repository where protected password
information resides.
In single-user-mode, trusted mode and NIS+ is not supported. Also, the
archive version of libsec (libsec.a) does not support NIS+.
libsec only supports NIS+, not NIS(YP). An above-average level of
understanding of NIS+ is required to administer trusted mode in a
distributed environment. If you use libsec, you must understand the
relationship of NIS+ and the Name Service Switch and configuration of
NIS+. Some protected password information might not be returned by the
public APIs if the switch is used and NIS+ is not configured.
regards
Vinod K
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP