su - <user-of-master> on box-nis+ got ok !

Mauricio Brigato mauricio at bit.fmrp.usp.br
Wed Aug 21 01:06:26 EST 2002


On 20 Aug 2002, Scott Croft wrote:

> Date: 20 Aug 2002 08:40:54 -0600
> From: Scott Croft <secroft at micron.com>
> To: Mauricio Brigato <mauricio at gordon.fmrp.usp.br>
> Cc: Lista de discussao do nisplus <linux-nisplus at lists.samba.org>
> Subject: RE: su - <user-of-master> on box-nis+ got ok !
>
> So on to another thing to look at. Have you done a keylogin on the
> client? i.e. has the secret key for root on the client been set? That
> should not affect another user logging in, but it is something to check.
Yes, I've done a keylogin on client (with root).

>
> Please attach the following files so we all can look at them.
>
> nsswitch.conf
> /etc/pam.d/login
> /etc/pam.d/system-auth
>
I'll send them in next mail.

Thank you.
Mauricio.

> You may have a typo that you're not catching and we may see something to
> help you out.
>
> Scott
>
>
> On Tue, 2002-08-20 at 08:37, Mauricio Brigato wrote:
> > This message uses a character set that is not supported by the Internet=
 Service.  To view the original message content,  open the attached message=
=2E If the text doesn't display correctly, save the attachment to disk, and=
 then open it using a viewer that can display the original character set. <=
<message.txt>>
> > ----
> >
>
> > Received: from mail-srv2.micron.com ([137.201.97.134]) by ntexchange01.=
micron.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.=
2653.13)
> > =09id Q6R56PNB; Tue, 20 Aug 2002 08:36:20 -0600
> > Received: from mail-srv2.micron.com (localhost [127.0.0.1])
> > =09by mail-srv2.micron.com (8.11.1/8.11.1) with ESMTP id g7KEaLA22273
> > =09for <secroft at ntexchange01>; Tue, 20 Aug 2002 08:36:21 -0600 (MDT)
> > Received: from jade.micron.com (jade.micron.com [137.201.240.22])
> > =09by mail-srv2.micron.com (8.11.1/8.11.1) with SMTP id g7KEaKv22263
> > =09for <secroft at micron.com>; Tue, 20 Aug 2002 08:36:20 -0600 (MDT)
> > Received: from gordon.fmrp.usp.br (gordon.fmrp.usp.br [143.107.223.151]=
)
> > =09by jade.micron.com (8.12.2/8.12.2) with SMTP id g7KEbtCt020718
> > =09for <secroft at micron.com>; Tue, 20 Aug 2002 08:37:56 -0600 (MDT)
> > Received: from gordon.fmrp.usp.br (gordon.fmrp.usp.br [143.107.223.151]=
)
> > =09by gordon.fmrp.usp.br (8.11.6+Sun/8.11.6) with ESMTP id g7KEbXQ21809=
;
> > =09Tue, 20 Aug 2002 11:37:44 -0300 (EST)
> > Date: Tue, 20 Aug 2002 11:37:33 -0300 (EST)
> > From: Mauricio Brigato <mauricio at gordon.fmrp.usp.br>
> > X-X-Sender:  <mauricio at gordon.fmrp.usp.br>
> > To: Scott Croft <secroft at micron.com>
> > cc: Mauricio Brigato <mauricio at gordon.fmrp.usp.br>,
> >    Lista de discussao do nisplus <linux-nisplus at lists.samba.org>
> > Subject: RE: su - <user-of-master> on box-nis+ got ok !
> > In-Reply-To: <1029849548.2765.3.camel at secroft-lnx>
> > Message-ID: <Pine.GSO.4.33.0208201127080.21247-100000 at gordon.fmrp.usp.b=
r>
> > MIME-Version: 1.0
> > Content-Type: TEXT/PLAIN; charset=3DX-UNKNOWN
> > Content-Transfer-Encoding: QUOTED-PRINTABLE
> > X-MTFilter-%I%: jade
> > X-MTHubFilter-1.6: mail-srv2
> >
> > Hi, thank you for your patience and helping.
> >
> > On 20 Aug 2002, Scott Croft wrote:
> >
> > > Date: 20 Aug 2002 07:19:08 -0600
> > > From: Scott Croft <secroft at micron.com>
> > > To: Mauricio Brigato <mauricio at gordon.fmrp.usp.br>
> > > Cc: Lista de discussao do nisplus <linux-nisplus at lists.samba.org>
> > > Subject: RE: su - <user-of-master> on box-nis+ got ok !
> > >
> > > Your root login should always be local. If you're authenticating then
> > > you're okay. Now it comes down to the users, which of course you are
> > > having issues with.
> > >
> > > Are you seeing any errors when you do the su - <username>? Please pas=
s
> > No errors I see.
> > Only that I think the root of a linux client
> > could never get through the login of a user
> > from the NIS+ server (a NIS domain too)! Am I wrong?
> >
> >
> > > them along. Is keyserv running?
> > Yes, my keyserv is running.
> >
> > >  Are you mounting a /home partition when
> > > the system boots or is it just a directory under / ?
> > It's just a directory under /.
> > But I want mount it when the system boots.
> >
> > I did mount /home on my client /home. It was
> > a matter of rights on server.
> >
> >
> >
> > >
> > > We will get you up and running!
> > >
> > > Scott
> > >
> > > On Tue, 2002-08-20 at 07:02, Mauricio Brigato wrote:
> > > >
> > > >
> > > >
> > > >
> > > > I setup the client (RH 7.2) with everything you gave me.
> > > > But didn't do that with my server (Solaris 5.8). It was already
> > > > setup to NIS+.
> > > > The client is not in the admin group. I didn't defined it (it was
> > > > another doubt of mine. Shall I have to create it??!!
> > > > It does authenticate it! I did niscat passwd.org_dir and
> > > > I saw encrypted passwords.
> > > >
> > > > But, I have a problem right here.
> > > > I login in the client with root, then
> > > > make a su - <user-of-Solaris-NIS+-server>
> > > > and I can get it, authenticate it, do niscat, keylogin,
> > > > etc. This root of client is WITH POWER of ROOT of ROOT
> > > > MASTER of my SOLARIS SERVER!
> > > > Do I have to remove the root client's credential from
> > > > NIS+ server? What's wrong with it?
> > > >
> > > >
> > > > ---------- Original Message -----------
> > > > From: secroft <secroft at micron.com>
> > > > To: "'Mauricio Brigato'" <mauricio at gordon.fmrp.usp.br>
> > > > Sent: Mon, 19 Aug 2002 14:41:42 -0600
> > > > Subject: RE: su - <user-of-master> on box-nis+ got ok !
> > > >
> > > > > If you setup the server with the information I gave you, every us=
er
> > > > > in the domain should be able to login to the client, your RH 7.2 =
syst=3D
> > em.
> > > > > If you are still having issues, then you need to check the
> > > > > authentication of the client with the server. Is it in the admin
> > > > > group? Does it authenticate? If you do a niscat passwd, do the
> > > > > encrypted passwords show up, or do you see *NP*? If you see *NP*,
> > > > >  the there is no authentication.
> > > > >
> > > > > Scott
> > > > >
> > > > > -----Original Message-----
> > > > > From: Mauricio Brigato [mailto:mauricio at gordon.fmrp.usp.br]
> > > > > Sent: Monday, August 19, 2002 2:38 PM
> > > > > To: Scott Croft
> > > > > Cc: Lista de discussao do nisplus
> > > > > Subject: Re: su - <user-of-master> on box-nis+ got ok !
> > > > >
> > > > > Sorry.
> > > > > I made a confusion about my passwords.
> > > > > But, what I wanted say is the following:
> > > > > - my NIS+ root master is a Solaris server;
> > > > > - my linux box is a Red Hat 7.2.
> > > > >
> > > > > I have a trouble: on my client, at a console,
> > > > > I can't login with a user defined in server.
> > > > >
> > > > > I have to create a specific user credential to that
> > > > > machine or it's just enough the user to be
> > > > > defined in my NIS+ domain then every user
> > > > > who has credential for domain may login in
> > > > > any client machine and authenticate to domain ?
> > > > >
> > > > > --------------------------------------
> > > > >       Mauricio Brigato
> > > > > --------------------------------------
> > > > >
> > > > > ---------- Original Message -----------
> > > > > From: Scott Croft <secroft at micron.com>
> > > > > To: Mauricio Brigato <mauricio at gordon.fmrp.usp.br>
> > > > > Sent: 19 Aug 2002 09:48:59 -0600
> > > > > Subject: Re: su - <user-of-master> on box-nis+ got ok !
> > > > >
> > > > > > I'm not quite sure what you are having issues with? What do you=
 mea=3D
> > n
> > > > > > by the user of the NIS+ root master? If your system is using NI=
S+,
> > > > > > any user in the domain should be able to log into the system.
> > > > > >
> > > > > > Scott
> > > > > >
> > > > > > On Fri, 2002-08-16 at 09:45, Mauricio Brigato wrote:
> > > > > > > I have a trouble.
> > > > > > > From a NIS+ box I've got the user of a NIS+ root master.
> > > > > > > But I shouldn't get it.
> > > > > > > What's wrong?
> > > > > > >
> > > > > > >
> > > > > > >     Mauricio Brigato
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > mauricio at bit.fmrp.usp.br
> > > > > > --
> > > > > > Scott Croft
> > > > > > Unix Services
> > > > > > Micron Technology, Inc.
> > > > > > (208) 368-1586
> > > > > > secroft at micron.com
> > > > > ------- End of Original Message -------
> > > > >
> > > > > mauricio at bit.fmrp.usp.br
> > > > ------- End of Original Message -------
> > > >
> > > >
> > > > mauricio at bit.fmrp.usp.br
> > > --
> > > Scott Croft
> > > Unix Services
> > > Micron Technology, Inc.
> > > (208) 368-1586
> > > secroft at micron.com
> > >
> > >
> > >
> >
> > -------------------------------------------------------------
> >       Mauricio Brigato
> >       Analista de Sistemas - Suporte BIT - BioInformatic Team
> >       Funda=3DE7=3DE3o Hemocentro de Ribeir=3DE3o Preto
> >       Fone: +55 16 3963-9300  Fax: +55 16 3963-9309
> >       E-mail: mauricio at bit.fmrp.usp.br
> >       Homepage: http://bit.fmrp.usp.br/
> > -------------------------------------------------------------
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> --
> Scott Croft
> Unix Services
> Micron Technology, Inc.
> (208) 368-1586
> secroft at micron.com
>
>

-------------------------------------------------------------
      Mauricio Brigato
      Analista de Sistemas - Suporte BIT - BioInformatic Team
      Funda=E7=E3o Hemocentro de Ribeir=E3o Preto
      Fone: +55 16 3963-9300  Fax: +55 16 3963-9309
      E-mail: mauricio at bit.fmrp.usp.br
      Homepage: http://bit.fmrp.usp.br/
-------------------------------------------------------------


















More information about the linux-nisplus mailing list