11-13-2008
We do this all the time but we don't use NIS, just LDAP. I have noticed some language at Sun's site that the two don't mix. Only one I can find right now:
passwd(1) - change login password and password attributes (man pages section 1: User Commands) - Sun Microsystems
Quote:
If all requirements are met, by default, the passwd command will consult /etc/nsswitch.conf to determine in which repositories to perform password update. It searches the passwd and passwd_compat entries. The sources (repositories) associated with these entries will be updated. However, the password update configurations supported are limited to the following cases. Failure to comply with the configurations will prevent users from logging onto the system. The password update configurations are:
passwd: files
passwd: files ldap
passwd: files nis
passwd: files nisplus
passwd: compat (==> files nis)
passwd: compat (==> files ldap)
passwd_compat: ldap
passwd: compat (==> files nisplus)
passwd_compat: nisplus
10 More Discussions You Might Find Interesting
1. Linux
Hi,
I have edited 'sudoers' file to allow 'cads' user shutdown the system without providing a password.
Can someone tell me what's wrong with my file?
It's not working when I 'sudo SHUTDOWN' command:
sudo: SHUTDOWN: command not found
Thanks a lot!
# Host alias specification... (4 Replies)
Discussion started by: whatisthis
4 Replies
2. Red Hat
RedHat ELS 5.2 & Sun directory
getent passwd: works
toto:*:1000:100:toto:/home/toto:/bin/bash
getent group: works
mygroup:*:10001:1000,1001
but id toto doesnt works :(
uid=1000(toto) gid=100(users) groupes=100(users)
BTW in /etc/ldap.conf i use a different mapping for the posix... (4 Replies)
Discussion started by: sncr24
4 Replies
3. Linux
I´m using LDAP for groups and NFS for home dirs. My problem is as follows:
I only have a few groups, so it's not the problem everyone else had. When I've mounted a disk over NFS, I need to have my primary group in order to read in the groups I'm a member of. Secondary groups is not working.
... (0 Replies)
Discussion started by: velmont
0 Replies
4. UNIX for Advanced & Expert Users
i have defined a rule in the sudoers file so a specific user is able to run some commands as sudo with no password.
my question is: is it possible to restrict a user to run commands as sudo only in a certain directory? for example: chown only the files that are located in /var/tmp.
Thank you.
... (2 Replies)
Discussion started by: noam128
2 Replies
5. UNIX and Linux Applications
Greetings!! I am attempting to solve a rather thorny issue and I was hoping that someone might have some insight into what is going on here..
At this point I have an openLDAP server that is working quite splendidly! :)
I have a working directory with users able to authenticate it and TLS... (2 Replies)
Discussion started by: bluethundr
2 Replies
6. Shell Programming and Scripting
Well, sudo is a great tool for delegating permissions among admins. But, it's really hard to find a great tool which would give an interactive way of editing /etc/sudoers file. Now, when I say "editing", I really refer to add new groups, users, aliases in the /etc/sudoers file. visudo is great... (2 Replies)
Discussion started by: admin_xor
2 Replies
7. UNIX for Dummies Questions & Answers
i want run query to identify witch groups that user A belong,
CN=name,CN=Users,DC=mydomain ?? (1 Reply)
Discussion started by: prpkrk
1 Replies
8. UNIX for Dummies Questions & Answers
Hi
using Solaris 10. trying to update /etc/sudoers file
I need to add all the fist level operation team. This is what I have but it doesn't seem to work. Please help.Error message
sudo su -
>>> sudoers file: parse error, line 9 <<<
>>> sudoers file: parse error, line 9 <<<
... (2 Replies)
Discussion started by: samnyc
2 Replies
9. Solaris
In the sudoers file in Solaris...
I am trying to limit the DEVELOPER user privileges to where those users can only use the “rm” command in certain directories. This is to prevent them from deleting directories or files and destroying a server. I want them to be able to use the "rm" command but... (1 Reply)
Discussion started by: nzonefx
1 Replies
10. UNIX and Linux Applications
Hello :)
we use LDAP with sudoers about 4 years. Works fine. But we have one problem with members of the admingroup (wheel). This users can do every command with sudo and with there privat password. But when they also are member to another special group, like sysadmin:
Sysadmin is allowed to... (0 Replies)
Discussion started by: darktux
0 Replies
PASSWD(1) BSD General Commands Manual PASSWD(1)
NAME
passwd -- modify a user's password
SYNOPSIS
passwd [-i infosystem [-l location]] [-u authname] [user]
DESCRIPTION
The passwd utility changes the user's password. If the user is not the super-user, passwd first prompts for the current password and will
not continue unless the correct password is entered.
When entering the new password, the characters entered do not echo, in order to avoid the password being seen by a passer-by. The passwd
utility prompts for the new password twice in order to detect typing errors.
The new password should be at least six characters long and not purely alphabetic. Its total length should be less than _PASSWORD_LEN (cur-
rently 128 characters), although some directory systems allow longer passwords. Numbers, upper case letters, and meta characters are encour-
aged.
Once the password has been verified, passwd communicates the new password to the directory system.
-i infosystem
This option specifies where the password update should be applied. Under Mac OS X 10.5 and later, supported directory systems are:
PAM (default) Pluggable Authentication Modules.
opendirectory
A system conforming to Open Directory APIs and supporting updates (including LDAP, etc). If no -l option is specified, the
search node is used.
file The local flat-files (included for legacy configurations).
nis A remote NIS server containing the user's password.
-l location
This option causes the password to be updated in the given location of the chosen directory system.
for file,
location may be a file name (/etc/master.passwd is the default)
for nis,
location may be a NIS domainname
for opendirectory,
location may be a directory node name
for PAM,
location is not used
-u authname
This option specifies the user name to use when authenticating to the directory node.
user This optional argument specifies the user account whose password will be changed. This account's current password may be required,
even when run as the super-user, depending on the directory system.
FILES
/etc/master.passwd The user database
/etc/passwd A Version 7 format password file
/etc/passwd.XXXXXX Temporary copy of the password file
SEE ALSO
chpass(1), login(1), dscl(1), passwd(5), pwd_mkdb(8), vipw(8)
Robert Morris and Ken Thompson, UNIX password security.
HISTORY
A passwd command appeared in Version 6 AT&T UNIX.
Mac OS X August 18, 2008 Mac OS X