Almost there, but a few problems
bob at bobsdell.samba.org
Fri Oct 25 10:20:36 EST 2002
On Thu, 24 Oct 2002 02:53, Bruce Baumgart wrote:
> Standard boiler plate: Help!!!
> Trying to add Redhat 7.3 client to an existing Solaris 8 NIS+ domain. I am
> so close that I can see it, but a couple of problems that may even be
> Existing setup, names munged to keep security happy.
> Domain - bar.gov
> Sub-domain - foo.bar.gov
> Server - Solaris 8
> Client - Redhat 7.3 workstation install, gnome brought up at connect.
> Trying to add machine to sub-domain.
> Sub-domain server is my ntpd server.
> I am following Marc Wrubleski's cookbook, with the following exceptions:
> When I tried doing the nisinit -c -H <host>, got the infamous
> foo.bar.gov.:Domain not served by this server
> message. So I copied a cold start file from a working Solaris box and did
> a nisinit -c -C <filename>. That worked, as did the keylogin. Left all of
> the PAM stuff alone, figuring that if it was OK in Redhat 7.2, it should be
> OK in 7.3. After a reboot; domainname and nisdomainname are right; keyserv
> and autofs are running. I am logged on as root, so nisdefaults shows the
> client box as the principal, and it is authenticated. A niscat works.
> Now the problems.
> A "nisls bar.com." works. No other nisls command does. They all fail with
> foo.bar.gov.:Domain not served......
> I try to log on with my working-on-Solaris-machines userid. I get logged
> on and my home directory mounted. Because it is a very Solaris-specific
> logon profile, a bunch of mounts don't work, and the PATH is really really
> broken. I built a .bashrc that corrects the path, and everything dealing
> with the client box seems to work. However, a nisdefaults shows my id as
> the principle, and not authenticated. niscat works, nisls doesn't.
> I have scoured the archive file. Not much there. Next question - Is there
> a searchable archive online somewhere?
> TIA, especially if you made it this far.......
If nisdefaults is returning "not authenticated", then you won't be able to
read the passwords map and hence not login. You need to create a credential
for your NIS+ client on the server using some random secure password. You
then need to run chkey -p on your NIS+ client, giving it the same password,
followed by your root password. If the time on your client are close enough
to the time on your server (use NTP), then you should not be seeing "not
authenticated" in nisdefaults.
More information about the linux-nisplus