Summary: Help with YP/NIS

From: Jeff Welsch <>
Date: Tue Jun 25 2002 - 14:51:57 EDT
Thanks to all for their help.  I was able to resolve the problem by copying
/etc/nsswitch.nis to /etc/nsswitch.conf.  Apparently somethings was amiss
with my manually edited nsswitch.conf file.  Thanks go to the following
people for their input:

David Foster
Darren Dunham
John Timon
Charles Homan
Casper Dik

Their replies were:

It would help to see your nsswitch.conf. If your passwd and
group entries are correct, then you don't need the +... entries
in /etc/{passwd,group}.

Dave Foster

   << All opinions expressed are mine, not the University's >>

   David Foster    National Center for Microscopy and Imaging Research
    Programmer/Analyst     University of California, San Diego       Department of Neuroscience, Mail 0608
    (858) 534-7968

   "The reasonable man adapts himself to the world; the unreasonable one
   persists in trying to adapt the world to himself.  Therefore, all
   depends on the unreasonable."   -- George Bernard Shaw

So it sounds like the passwords aren't correct.
You showed the passwd and group entries, how about shadow?

Darren Dunham                                 
Unix System Administrator                    Taos - The SysAdmin Company
Got some Dr Pepper?                           San Francisco, CA bay area
         < This line left intentionally blank to confuse you. >
ypinit -c to setup the client

make sure that your nis servers (master and slaves) are in /etc/hosts

make sure domainname is set also.

John Timon
Desk: 519 667 7187
Cell: 519 852 0042
Pager: 519 430 1826

"Show me the person who is not ignorant, i.e. please demonstrate to me
how your use of the word "ignorant" is not semantically null."
	- Bigby Findrake
Hey, Jeff, this isn't an answer to your question (unfortunately.)  I just
wanted to point out that you don't actually need the "+:" entries in passwd
or group.  Just make sure the lines in /etc/nsswitch.conf look like:

passwd:    files nis
group:     files nis

As to your problem, could something be wrong with your shadow file?  For
instance, I don't recall if in the "+:" case you need a similar line in
shadow or not.  I believe that if you are root when you su it doesn't bother
checking the shadow file, so that would be why it works for root but no one

Good luck!
Did you run pwconv?

Did you add a "+::" entry to /etc/shadow?

(Withpout the "x").

The proper way to create a compatibility client is this:

	Change passwd line in nsswitch.conf to "passwd: compat"
	Add "+::::::" line to /etc/passwd
	run "pwconv" (will update passwd to include "x" and create
	shadow entry)


-----Original Message-----
[]On Behalf Of Jeff Welsch
Sent: Wednesday, June 12, 2002 10:38 AM
Subject: Help with YP/NIS


I will be the first to admit that I am not a guru when it comes to
YP/NIS, and I would like to ask a hopefully simple question.

I am attempting to add a new NIS client to my domain.  I have modified
nsswitch.conf to use the proper compat entries for passwd and group.  I
added the proper entries to /etc/passwd (+:x:::::) and /etc/group (+:).
Automounting is also working correctly.

Here is the strange part:

When I am logged in as root, I am able to su - username with no
problems.  The user logs in, has their home directory, and all is well.
However, when I am logged in as a user and su to another user (not root)
the users password is never accepted.  I also cannot login as a non-root
user directly using SSH.  SSH keys are accepted without problem for that
user, but passwords are not.

I know that I am overlooking something simple.  Can anyone clue me in?
Also, I have been looking for good online NIS references and have not
had the best luck finding one.  Any suggestions?

Thanks, and I will summarize,

Jeff Welsch |
Director, Network Operations
Enviz | Interactive Insight |
1001 Marshall St, Suite 550 | Redwood City, CA 94063
v. 650.780.5847 | f. 650.780.5849
sunmanagers mailing list
sunmanagers mailing list
Received on Mon Jul 1 18:14:13 2002

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:48 EST