|
|
Sponsored Content
06-09-2010
The yppasswdd daemon must run on both the client and server for password changes to work correctly. Check to see if yppasswdd is in fact running on the client.
HTH.
Nitin
HTH.
Nitin
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hello all,
I'm not sure if this is the right forum, but I would like to know if Redhat running NIS ( not NIS +) would have conflict with Solaris running NIS+. Currently I am running NIS+ on Solaris but will be adding RedHat to the network. I seem to be unable to find and information regarding... (2 Replies)
Discussion started by: larry
2 Replies
2. IP Networking
Hello together.
Is there someone who is able to explain me the differences between NIS and NIS+.
thanks in advance
joerg (2 Replies)
Discussion started by: joerg
2 Replies
3. UNIX for Dummies Questions & Answers
Hi all,
I just took over the admin role from someone and I wanna setup sendmail (just to send mail from the host) however, after I config all the resolv.conf, nssitch.conf, hosts file and when I try to send a mail out, after I punched ctl-D, it returned he following,
"NIS map mail.aliases... (2 Replies)
Discussion started by: stancwong
2 Replies
4. UNIX for Advanced & Expert Users
We have a RedHat 8.0 NIS master, with a RedHat 8.0 NIS Slave.
We also have a small number of SUSE 9.1 and SUSE 10 machines here for evaluation.
However, no matter what i do, the SUSE machines will not talk to the NIS Servers.
If i broadcast for NIS Servers for the specified NIS domain, it... (1 Reply)
Discussion started by: fishsponge
1 Replies
5. Solaris
Hi Guys,
I have lots of doubts regarding NIS+.I also think by basics could be wrong......I am trying to pick up stuff from documents which are a bit murky. I am working on production environment so I am afraid of trial and error! Please help.
1) What is the difference between root domain master... (1 Reply)
Discussion started by: nitinkgoud
1 Replies
6. Solaris
i want to dedicate my nis client system to some perticler group users.
how can it possible on solaris. (0 Replies)
Discussion started by: nag.mi2000
0 Replies
7. Solaris
hai any body send me the replay please.
is it necessary to configure NFS , before configuring NIS on solaris9 or solaris10. (1 Reply)
Discussion started by: nag.mi2000
1 Replies
8. Solaris
Hi, all.
I have a Solaris client here needs to bind to NIS server in another subnet. Following is the configuration i made on the client,
1) edit /etc/inet/hosts to add an entry of the NIS server -- nserver01
2) execute `domainname` to set local NIS domain to the domain of the NIS server.... (1 Reply)
Discussion started by: sn_wukong
1 Replies
9. Shell Programming and Scripting
I'm creating a scrip for auditing our AIX box's to ensure that they are built according to our system standards. I'm not sure on the logic for checking to see if the NIS and NIS+ services are disabled. any idea's? (2 Replies)
Discussion started by: sport
2 Replies
10. Red Hat
Hi,
I am new to NIS, In my company need to create a user with admin rights and the user was created but he is unable to login. below are the difference i am getting for me and him.
root@ abc]# getent passwd cric
cric:x:60215:20059:a:/home/cric:/bin/csh
# ypcat passwd | grep sam... (5 Replies)
Discussion started by: phanidhar6039
5 Replies
LEARN ABOUT DEBIAN
rpc.yppasswdd
RPC.YPPASSWDD(8) RPC.YPPASSWDD(8) NAME
rpc.yppasswdd - NIS password update daemon SYNOPSIS
rpc.yppasswdd [-D directory] [-e chsh|chfn] [--port number] rpc.yppasswdd [-s shadow] [-p passwd] [-e chsh|chfn] [--port number] rpc.yppasswdd -x program|-E program [-e chsh|chfn] [--port number] DESCRIPTION
rpc.yppasswdd is the RPC server that lets users change their passwords in the presence of NIS (a.k.a. YP). It must be run on the NIS master server for that NIS domain. When a yppasswd(1) client contacts the server, it sends the old user password along with the new one. rpc.yppasswdd will search the sys- tem's passwd file for the specified user name, verify that the given (old) password matches, and update the entry. If the user specified does not exist, or if the password, UID or GID doesn't match the information in the password file, the update request is rejected, and an error returned to the client. If this version of the server is compiled with the CHECKROOT=1 option, the password given is also checked against the systems root pass- word. After updating the passwd file and returning a success notification to the client, rpc.yppasswdd executes the pwupdate script that updates the NIS server's passwd.* and shadow.byname maps. This script assumes all NIS maps are kept in directories named /var/yp/nisdomain that each contain a Makefile customized for that NIS domain. If no such Makefile is found, the scripts uses the generic one in /var/yp. OPTIONS
The following options are available: -D directory The passwd and shadow files are located under the specified directory path. rpc.yppasswdd will use this files, not /etc/passwd and /etc/shadow. This is useful if you do not want to give all users in the NIS database automatic access to your NIS server. -E program Instead of rpc.yppasswdd editing the passwd & shadow files, the specified program will be run to do the editing. The following envi- ronment variables will be set for the program: YP_PASSWD_OLD, YP_PASSWD_NEW, YP_USER, YP_GECOS, YP_SHELL. The program should return an exit status of 0 if the change completes successfully, 1 if the change completes successfully but pwupdate should not be run, and otherwise if the change fails. -p passwdfile This options tells rpc.yppasswdd to use a different source file instead of /etc/passwd This is useful if you do not want to give all users in the NIS database automatic access to your NIS server. -s shadowfile This options tells rpc.yppasswdd to use a different source file instead of /etc/passwd. See below for a brief discussion of shadow support. -e [chsh|chfn] By default, rpc.yppasswdd will not allow users to change the shell or GECOS field of their passwd entry. Using the -e option, you can enable either of these. Note that when enabling support for ypchsh(1), you have to list all shells users are allowed to select in /etc/shells. -x program When the -x option is used, rpc.yppasswdd will not attempt to modify any files itself, but will instead run the specified program, passing to its stdin information about the requested operation(s). There is a defined protocol used to communicate with this exter- nal program, which has total freedom in how it propagates the change request. See below for more details on this. -m Will be ignored, for compatibility with Solaris only. --port number rpc.yppasswdd will try to register itself to this port. This makes it possible to have a router filter packets to the NIS ports. -v --version Prints the version number and if this package is compiled with the CHECKROOT option. MISCELLANEOUS
Shadow Passwords Using Shadow passwords alongside NIS does not make too much sense, because the supposedly inaccesible passwords now become readable through a simple invocation of ypcat(1). Shadow support in rpc.yppasswdd does not mean that it offers a very clever solution to this problem, it simply means that it can read and write password entries in the system's shadow file. You have to produce a shadow.byname NIS map to distribute password information to your NIS clients. rpc.yppasswdd will search at first in the /etc/passwd file for the user and password. If it find's the user, but the password is "x" and a /etc/shadow file exists, it will update the password in the shadow map. Use of the -x option The program should expect to read a single line from stdin, which is formatted as follows: <username> o:<oldpass> p:<password> s:<shell> g:<gcos> where any of the three fields [p, s, g] may or may not be present. This program should write "OK " to stdout if the operation succeeded. On any other result, rpc.yppasswdd will report failure to the client. Note that the program specified by the -x option is responsible for doing any NIS make and build, and for doing any necessary validation on the shell and gcos field information supplied. The password passed to the client will be in UNIX crypt() format. Logging rpc.yppasswdd logs all password update requests to syslogd(8)'s auth facility. The logging information includes the originating host's IP address and the user name and UID contained in the request. The user-supplied password itself is not logged. Security Unless I've screwed up completely (as I did with versions prior to version 0.5), rpc.yppasswdd should be as secure or insecure as any pro- gram relying on simple password authentication. If you feel that this is not enough, you may want to protect rpc.yppasswdd from outside access by using the `securenets' feature of the new portmap(8) version 3. Better still, use Kerberos. COPYRIGHT
rpc.yppasswdd is copyright (C) Olaf Kirch. You can use and distribute it under the GNU General Public License Version 2. Note that it does not contain any code from the shadow password suite. FILES
/usr/sbin/rpc.yppasswdd /usr/lib/yp/pwupdate /etc/passwd /etc/shadow SEE ALSO
passwd(5), shadow(5), passwd(1), yppasswd(1), ypchsh(1), ypchfn(1), ypserv(8), ypcat(1) The Network Information Service (NIS) was formerly known as Sun Yellow Pages (YP). The functionality of the two remains the same; only the name has changed. The name Yellow Pages is a registered trademark in the United Kingdom of British Telecommunications plc, and may not be used without permission. AUTHOR
Olaf Kirch, <okir@monad.swb.de> Thorsten Kukuk, <kukuk@suse.de> YP Server August 2001 RPC.YPPASSWDD(8)