[Solaris 10]NIS works only from "su"


 
# 1  
Old 04-01-2009

Hi,
I'm trying to set up NIS on my Solaris 10 system, but it works only if I first log in as root to my server and then run "su - myuser". When I try to log in (via console or ssh) directly as "myuser", the authentication fails.

Here is what I've done:

Code:
client ~$ echo "mydomain.loc" > /etc/defaultdomain
client ~$ domainname mydomain.loc
client ~$ domainname
mydomain.loc

client ~$ echo "192.168.0.1   nis.mydomain.loc" >> /etc/hosts

client ~$ ypinit -c
## add nis.mydomain.loc

# added "nis" in /etc/nsswitch.conf on the following lines
passwd:     files nis
group:      files nis


client ~$ svcadm enable nis/client
client ~$ ypwhich
nis.mydomain.loc

~$ ypcat passwd
## displays the passwd entries

client ~$ su - myuser
myuser@client ~$


What am I doing wrong?

Thanks for your help.

Tex
# 2  
Old 04-01-2009
If your "ypcat passwd" does not include displaying the users' encrypted passwords then:

I'm rusty in this now but you need to copy your /etc/passwd, /etc/shadow and /etc/group files to a separate directory into which you have also copied the NIS Makefile and then run make to populate the NIS database with your users (from passwd) and their passwords (from shadow). If your users have NFS mounted home directories from a central NFS file server you may want to put the auto_home map file into NIS as well.

NIS is no longer in favour because someone may run:
Code:
$ ypcat passwd > textfile.txt

and then run a cracker against the text file to determine the users' passwords, because NIS makes the users' encrypted passwords world readable.

I hope this gives you some helpful pointers...
# 3  
Old 04-02-2009
Quote:
Originally Posted by TonyFullerMalv
If your "ypcat passwd" does not include displaying the users' encrypted passwords then:
No it doesn't. I think that I now understand the problem: I can access the uids but not the hashed passwords. When I'm root I can su to anybody without any password verification. When I connect as a user, the credentials have to be checked and I do not have the NIS passwords.

Quote:
Originally Posted by TonyFullerMalv
I'm rusty in this now but you need to copy your /etc/passwd, /etc/shadow and /etc/group files to a separate directory into which you have also copied the NIS Makefile and then run make to populate the NIS database with your users (from passwd) and their passwords (from shadow).
If I understand, this should be done on the NIS server, but I don't have admin access to the server, and even if I had, I do not want to "unshadow" the passwords for the security reasons you mention later.

Quote:
Originally Posted by TonyFullerMalv
If your users have NFS mounted home directories from a central NFS file server you may want to put the auto_home map file into NIS as well.
Yes I've already set up this and it works ok.


So any idea how I can fix the password problem?

Thanks,
Tex
# 4  
Old 04-02-2009
You cannot unshadow NIS except by moving to NIS+, which is complicated, and Sun have dropped or are in the process of dropping support for NIS+. I believe an LDAP server (e.g. Sun ONE Directory Service, see: http://docs.sun.com/source/816-6698-10/useracct.html ) is the way to go now.

On getting the users' passwords included into NIS, it does have to be done on the NIS server, so if you do not have root on the NIS server then you will need to ask those who do have root on the NIS server to remake the NIS maps to include a copy of /etc/shadow.

Last edited by TonyFullerMalv; 04-02-2009 at 04:56 PM..
# 5  
Old 04-03-2009
Quote:
Originally Posted by TonyFullerMalv
On getting the users' passwords included into NIS, it does have to be done on the NIS server, so if you do not have root on the NIS server then you will need to ask those who do have root on the NIS server to remake the NIS maps to include a copy of /etc/shadow.
It is supposed to be included. From a Linux machine it works fine. I think that the problem comes from the fact that the NIS server is a Linux OS, which doesn't seem to be compatible with the Sun NIS client.

Thanks anyway,
Tex
# 6  
Old 04-06-2009
Hi Tex

The password display issue in NIS can be resolved by creating a passwd.adjunct file in the NIS server.

You can get a lot of help on passwd.adjunct file from the net. I recently configured an NIS environment on my lab (of around 10 machines) and they are running pretty fine.

HG
# 7  
Old 04-06-2009
Quote:
Originally Posted by Renjesh
Hi Tex

The password display issue in NIS can be resolved by creating a passwd.adjunct file in the NIS server.

You can get a lot of help on passwd.adjunct file from the net. I recently configured an NIS environment on my lab (of around 10 machines) and they are running pretty fine.

HG
OK. Do you also have a Linux server with Solaris clients?

regards,
Tex
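
The check discussed in posts #2, #3 and #6, as an added example that is not part of the original thread: a shell helper that reads `ypcat passwd`-style output and reports whether the password field carries a hash, an `x` placeholder, or the `##user` marker used with passwd.adjunct. The function names and the sample entries (including the placeholder hash) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and sample data are constructed.

# Read passwd(4)-format lines on stdin (e.g. `ypcat passwd`), print "user:class".
#   hash     - field 2 holds a crypt string, readable by every NIS client
#   adjunct  - "##user" marker: the hash lives in passwd.adjunct
#   shadowed - "x" placeholder: no hash in this map
#   locked   - "*", "!", "!!", "*LK*" or "NP"
#   empty    - no password set
classify_passwd_map() {
    awk -F: '
        NF < 7 || /^[+-]/ { next }   # skip malformed lines and +/- compat entries
        {
            pw = $2
            if (pw == "")                         class = "empty"
            else if (pw == ("##" $1))             class = "adjunct"
            else if (pw == "x")                   class = "shadowed"
            else if (pw ~ /^(\*|!!?|\*LK\*|NP)$/) class = "locked"
            else                                  class = "hash"
            print $1 ":" class
        }'
}

# Summarise a map in one line: entry count, hash count, and a verdict.
nis_map_verdict() {
    classify_passwd_map | awk -F: '
        $2 == "hash" { h++ }
        END {
            printf "entries=%d hashes=%d ", NR, h
            if (NR == 0)    print "verdict=no-entries"
            else if (h > 0) print "verdict=hashes-world-readable"
            else            print "verdict=no-hash-in-passwd-map"
        }'
}

# Constructed sample map; EXAMPLEHASH00 is a placeholder, not a real crypt string.
sample_map() {
    cat <<'EOF'
alice:x:1001:100:Alice:/home/alice:/bin/sh
bob:##bob:1002:100:Bob:/home/bob:/bin/sh
carol:EXAMPLEHASH00:1003:100:Carol:/home/carol:/bin/sh
dave:*LK*:1004:100:Dave:/home/dave:/bin/sh
+::::::
EOF
}

sample_map | nis_map_verdict
```

On a real client, `ypcat passwd | nis_map_verdict` gives the same summary for the live map. A `no-hash-in-passwd-map` verdict matches the symptom in the thread, where uids resolve but the client has no hash to verify a password against.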