I´m using LDAP for groups and NFS for home dirs. My problem is as follows:
I only have a few groups, so it's not the problem everyone else had. When I've mounted a disk over NFS, I need to have my primary group in order to read in the groups I'm a member of. Secondary groups is not working.
But it works if I change the group to primary by hand with newgrp:
But my users cannot be expected to do this!
It works on the server holding the user files. But not over NFS.
I've tested this on clients: Ubuntu: 9.10 Karmic, 9.04 Jaunty, 8.10 Intrepid
The NFS server is running: Ubuntu 9.04 Jaunty.
Hello All,
I am a newbee in HP UX wanted to know how to configure DNS,NFS,NIS,LDAP and LVM(mirror,sparing and multipathing) in HP UX 11iv2 and v3 and i did go through some of the docs on hp.com but i think those are for experience UX users and i am new to this so if some one could just mention... (1 Reply)
Hello gurus,
I've been working on a sudoers file to work with groups in LDAP. I've created the groups in LDAP and added the users to there respective groups. I've also setup my sudoers file to have the groups match what is in LDAP. And I've added ldap to nsswitch.conf in the group line. The... (6 Replies)
RedHat ELS 5.2 & Sun directory
getent passwd: works
toto:*:1000:100:toto:/home/toto:/bin/bash
getent group: works
mygroup:*:10001:1000,1001
but id toto doesnt works :(
uid=1000(toto) gid=100(users) groupes=100(users)
BTW in /etc/ldap.conf i use a different mapping for the posix... (4 Replies)
Hi all,
I am very new to ldap and am facing the below difficulty.
When I try to add something to ldap, I get this:
server# /opt/iexpress/openldap/bin/ldapmodify -f almondabc.ldif -h 127.0.0.1 -xv -D cn=Manager,dc=almondabc,dc=com -w secret
ldap_initialize( ldap://127.0.0.1 )
add o:
... (0 Replies)
I can't seem to make sense of this.
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5.2 Beta (Tikanga)
$
$ mount
/dev/sda2 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/sda1 on... (6 Replies)
hi guys
I am doing some testing for DNS
I got a master DNS(192.168.2.10) and I setup a slave DNS(192.168.2.11) but when I shutdown the Master DNS my linux client cannot resolve using the slave
any idea way?
This is the named.conf
options
{
query-source port 53;
directory... (9 Replies)
I am having an issue with getting the proper group settings on NFS-shared directories.
NFS server, NFServe, nfs-shares hundreds of project directories...running Solaris 10 latest patches/updates.
SAS server, SAServe, statistical analysis server running on RedHat 7 with latest kernel/patches/etc.... (14 Replies)
Discussion started by: cjhilinski
14 Replies
LEARN ABOUT CENTOS
keylogin
keylogin(1) User Commands keylogin(1)NAME
keylogin - decrypt and store secret key with keyserv
SYNOPSIS
/usr/bin/keylogin [-r]
DESCRIPTION
The keylogin command prompts for a password, and uses it to decrypt the user's secret key. The key may be found in the /etc/publickey file
(see publickey(4)) or the NIS map ``publickey.byname'' or the NIS+ table ``cred.org_dir'' in the user's home domain. The sources and
their lookup order are specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). Once decrypted, the user's secret key is stored by
the local key server process, keyserv(1M). This stored key is used when issuing requests to any secure RPC services, such as NFS or NIS+.
The program keylogout(1) can be used to delete the key stored by keyserv .
keylogin will fail if it cannot get the caller's key, or the password given is incorrect. For a new user or host, a new key can be added
using newkey(1M), nisaddcred(1M), or nisclient(1M).
If multiple authentication mechanisms are configured for the system, each of the configured mechanism's secret key will be decrypted and
stored by keyserv(1M). See nisauthconf(1M) for information on configuring multiple authentication mechanisms.
OPTIONS -r Update the /etc/.rootkey file. This file holds the unencrypted secret key of the superuser. Only the superuser may use this
option. It is used so that processes running as superuser can issue authenticated requests without requiring that the administra-
tor explicitly run keylogin as superuser at system startup time. See keyserv(1M). The -r option should be used by the administra-
tor when the host's entry in the publickey database has changed, and the /etc/.rootkey file has become out-of-date with respect
to the actual key pair stored in the publickey database. The permissions on the /etc/.rootkey file are such that it may be read
and written by the superuser but by no other user on the system.
If multiple authentication mechanisms are configured for the system, each of the configured mechanism's secret keys will be stored
in the /etc/.rootkey file.
FILES
/etc/.rootkey superuser's secret key
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
SEE ALSO chkey(1), keylogout(1), login(1), keyserv(1M), newkey(1M), nisaddcred(1M), nisauthconf(1M), nisclient(1M), nsswitch.conf(4), publickey(4),
attributes(5)NOTES
NIS+ might not be supported in future releases of the SolarisTM Operating Environment. Tools to aid the migration from NIS+ to LDAP are
available in the Solaris 9 operating environment. For more information, visit http://www.sun.com/directory/nisplus/transition.html.
SunOS 5.10 10 Dec 2001 keylogin(1)