NIS+ client on Redhat 9

Scott Mewett mewett at cisco.com
Fri May 16 06:40:46 EST 2003 

What's your /etc/nsswitch.conf look like?

Scott

On Thu, 2003-05-15 at 13:37, wlwalker at datasync.com wrote:
> Thank you for your patience with me. Doug was quite right in that I didn't have pam_unix2.so on my system.  So, I installed it, and changed my /etc/pam.d/login from his suggestions:
> 
> $ more login
> #%PAM-1.0
> auth       required     pam_securetty.so
> #auth       required    pam_stack.so service=system-auth
> auth       requisite    /root/installed_sw/pam_unix2-1.16/src/pam_unix2.so set_secrpc
> auth       required     pam_nologin.so
> #account    required    pam_stack.so service=system-auth
> #password   required    pam_stack.so service=system-auth
> #session    required    pam_stack.so service=system-auth
> session    optional     pam_console.so
> 
> When I try to telnet to the client, I get a "login incorrect" error with a NIS+ domain account, and a "user account has expired, connection closed by local host" error with an account that is local to the system.
> 
> As root, when I try to su - <nis domain account>, I get: su: user wendy does not exist.  When I niscat passwd.org_dir | grep wendy, I get back the normal info:  wendy:<encrypted password>: user description: home directory : shell (I did put a link to where Sun expects csh):expiration:::::::
> 
> >>I suggest running the tests with su so that debugging is easier.  You will need to edit pam.d/su in a similar fashion as login.
> 
> I'm sorry but I don't know how to do that.  I am new to Linux.  I usually work on Solaris and not with pam. My su file looks like this:
> 
> $ more su
> #%PAM-1.0
> auth       sufficient   /lib/security/$ISA/pam_rootok.so
> # Uncomment the following line to implicitly trust users in the "wheel" group.
> #auth       sufficient   /lib/security/$ISA/pam_wheel.so trust use_uid
> # Uncomment the following line to require a user to be in the "wheel" group.
> #auth       required     /lib/security/$ISA/pam_wheel.so use_uid
> auth       required     /lib/security/$ISA/pam_stack.so service=system-auth
> account    required     /lib/security/$ISA/pam_stack.so service=system-auth
> password   required     /lib/security/$ISA/pam_stack.so service=system-auth
> session    required     /lib/security/$ISA/pam_stack.so service=system-auth
> session    optional     /lib/security/$ISA/pam_xauth.so
> 
> The rpcinfo -p from the NIS+ master is:
> 
> rpcinfo -p <linux box>
>    program vers proto   port  service
>     100000    2   tcp    111  rpcbind
>     100000    2   udp    111  rpcbind
>     100024    1   udp  32768  status
>     100024    1   tcp  32768  status
>     391002    2   tcp  32769
>     100029    1   udp    760  keyserv
>     100029    2   udp    760  keyserv
>  
> Thank you,
> Wendy
> 
> 
> 
> 
> 
>

More information about the linux-nisplus mailing list