- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: Restrict NIS users
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-30-2005 03:29 PM
08-30-2005 03:29 PM
			
				
					
						
							Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
Can any body tell me how to restrict nis users to user Linux servers
OS version is Red Hat linux 9
Thanks
Binu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-30-2005 06:20 PM
08-30-2005 06:20 PM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
can you provide more info about this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-30-2005 06:36 PM
08-30-2005 06:36 PM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
I have an NIS server here and all the users
are configures in this Server...
NIS users will login to individual workstations ..Here all the NIS users can login to all workstations .. I want to restrict some users accessing some workstations ..
Is there any setting in the workstation side
Thanks
Binu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-30-2005 06:47 PM
08-30-2005 06:47 PM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
see http://www.tldp.org/HOWTO/NIS-HOWTO/settingup_client.html for more.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-30-2005 11:21 PM
08-30-2005 11:21 PM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
If it is NIS, then each NIS client would have "+" at the bottom of passwd and shadow files. To remove a particular user such as jsmith, you would put "-jsmith" in passwd. Alternatively, you could take out the "+" (which includes everyone) and put "+jsmith" to make jsmith the only user to be able to log on with an NIS account. If you have user accounts you will never want to logon to clients, make the accounts UID a low number. I don't remember what the lowest NIS UID is, but that is adjustable anyway. You may have to look for that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-31-2005 12:44 AM
08-31-2005 12:44 AM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
Please find the last lines of my password file
#+::0:0:::
+binuv
I have added a user call +binuv at the
end of the line and hashed (#) the above line but still all the nis users can login to the system
Thanks
Binu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-31-2005 01:19 AM
08-31-2005 01:19 AM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
http://susefaq.sourceforge.net/howto/pam.html
Enable pam_access in /etc/pam.d/system-auth and then configure the /etc/security/access.conf file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-31-2005 01:27 AM
08-31-2005 01:27 AM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
man netgroup for details.
You can also put as follows in passwd file.
-user_name1
-user_name2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-31-2005 05:43 PM
08-31-2005 05:43 PM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
To be able to restrict interactive access to the system to a subset of the NIS users you can use the +/- semantics syntax in /etc/passwd as follows:
+nisuser ==> include the specified user from NIS passwd.byname
-nisuser ==> exclude the specified user
+@netgroup ==> include all users in the netgroup
-@netgroup ==> exclude all users in the netgroup
+ ==> include everything, except excluded users
To allow for this syntax in /etc/passwd the "compat" source should be used for passwd in /etc/nsswitch.conf. It reads /etc/passwd for getpwnam() functions and, if it finds +/- entries, invokes an appropriate source. In case you need to use it, the "compat" source also provides full +/- semantics for /etc/group.
HTH,
Ross
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2005 03:54 AM
09-06-2005 03:54 AM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
+@admin:::::::
-::::::::
When users from other then admin netgroup are connecting to the host they get something like:
id: cannot find name for group ID 6553
id: cannot find name for user ID 925
but they are still able to log in. Is there any way to prevent login permissions for these users?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2005 04:05 AM
09-06-2005 04:05 AM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
Try this:
1. Only add the following to /etc/passwd:
+@admin
Remove any lines that have ::::...
Also make sure you don't have a "+" line in it.
2. Add the following line to /etc/group:
+
3. Change you /etc/nsswitch.conf to have:
passwd: compat
shadow: compat
group: compat
HTH,
Ross
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2005 04:16 AM
09-06-2005 04:16 AM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
I forgot to mention that it's RHE3 update 4.
I guess the problem is somewhere in pam modules.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2005 06:04 PM
09-12-2005 06:04 PM
			
				
					
						
							Re: Restrict NIS users
						
					
					
				
			
		
	
			
	
	
	
	
	
I have added only one user in
/etc/security/access.conf like the following format
+:alphy but still other users can access the system
Thanks
Binu
