Summary: shadow map/file in nis database

From: Rahul Sen (rahul_sen@hotmail.com)
Date: Tue Jun 06 2000 - 11:13:54 CDT

Here is my original post :

Hey Gurus,
I inherited an ultra-2 running 5.6 as NIS master. It has a shadow and
shadow- file under /var/yp/masters which it uses to authenticate passwords.
It is a mystery to me... i always believed that nis uses passwd map itself
for password authentication. This causes some queer behaviour like for
clients bound to a slave server users cannot change their own passwords (get
permission denied message). Passwords can only be changed on either the
master nis server or on clients bound directly to the master.

The shadow map is NOT propagated to the slaves.

Any ideas?
Summary will follow enlightenment.
---------------------------------------------------------------

Thanks to all who responded. Most of u asked me to use yppasswd. That was
unfortunately not the solution.
Solution : The makefile had to be edited to force propagation of passwd
map in case of shadow file implementation (which was not happenning if there
was a shadow file detected... dunno why !)

The following reply by Mike DeMarco is very precise and appreciated.

>From: Mike DeMarco <mikejd@bnpcn.com>
>Reply-To: Mike DeMarco <mikejd@bnpcn.com>
>To: rahul_sen@hotmail.com
>Subject: Re: shadow map/file in nis database
>Date: Tue, 6 Jun 2000 08:59:19 -0400 (EDT)
>
>Several things you will need to look at.
>1) check your Makefile on the master,
> PWDIR=/var/yp/master
>2) on master check to see if,
> rpc.yppasswd -D /var/yp/master -m is running.
> The -m will rerun a make on the passwd file after changes are made.
>3) at the end of your Makefile in the dependencies you should add netid to
> you passwd: group: hosts: lines.
> i.e....
> passwd: passwd.time netid.time
> group: group.time netid.time
> hosts: hosts.time netid.time
>
> This will build your netid map any time the passwd,group or hosts maps
> are rebuilt.
>
>The above should solve your problem.
>
><mike>
>

> >--
> >Rahul Sen
> >Lucent Tech.
> >
> >
> >
> >________________________________________________________________________
> >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
> >
> >
>
><mike>
>
> 3;}>
> 3-------\-------
>

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:09 CDT