Solaris 2.7 NIS client cannot log onto RHL62 NIS server

Solaris 2.7 NIS client cannot log onto RHL62 NIS server

Post by Derrick H » Thu, 06 Jul 2000 04:00:00



I cannot get Solaris 2.7 NIS client to log onto the RHL62 NIS server.
On the client side I am successful in doing "cd ~testacct" and "su -
testacct" (testacct is an NIS account). So I know the automount is
working. Doing "ypcat passwd" I can see testacct with the encrypted
password in the password field. But when I try logging in using
testacct, I failed logging in after supplying the password. It seems
that the Solaris NIS client knows only to look for the local shadow
file but not the passwd.x map transferred from the NIS server. Can
someone please help me or point me to an FAQ? Thanks in advance.

Regards,
D. Ho

 
 
 

Solaris 2.7 NIS client cannot log onto RHL62 NIS server

Post by Andrei Ivan » Fri, 07 Jul 2000 04:00:00



> I cannot get Solaris 2.7 NIS client to log onto the RHL62 NIS server.
> On the client side I am successful in doing "cd ~testacct" and "su -
> testacct" (testacct is an NIS account). So I know the automount is
> working. Doing "ypcat passwd" I can see testacct with the encrypted
> password in the password field. But when I try logging in using
> testacct, I failed logging in after supplying the password. It seems
> that the Solaris NIS client knows only to look for the local shadow
> file but not the passwd.x map transferred from the NIS server. Can
> someone please help me or point me to an FAQ? Thanks in advance.

Compare the following two examples (esp. the second field):

  solaris7# grep username /etc/shadow
  username:VrCV.amoaC5AM:11144::::::

  RHlinux62# grep username /etc/shadow
  username:$1$XKLarzhy$lyQ7Q6J5ZOQbGmdibnSEv.:11144:0:99999:7:-1:-1:134540332

Solaris uses crypt() to encrypt password strings, but RedHat Linux (by default)
stores MD5 hashes in the second field in /etc/shadow, so your solaris box
is unable to authenticate through NIS server run on linux box.

--
andrei

 
 
 

Solaris 2.7 NIS client cannot log onto RHL62 NIS server

Post by Derrick H » Fri, 07 Jul 2000 04:00:00


On the RHL62  NIS server, I took out the md5 from two files namely
/etc/pam.d/login and /etc/pam.d/passwd. I then change the passwd of
the testacct the push the passwd.x maps to the client.
On the Solaris client I then compare the second field with that on the
NIS server. There are the same. I then cut the encrypted password from
the output of ypcat passswd, paste it on the client's /etc/shadow
file. I find that I was able to login onto the testacct this way. This
shows that the Solaris client can read the encrypted password. Taking
the pasted entry out of /etc/shadow will fail log in again.
Inserting a "+" at the end of the passwd, group and shadow didn't help
either. Not even with the "compat" keyword in /etc/nsswitch.conf.
Other than the md5 hashes, is there something that I miss that the
cause the failing authentication on the Solaris nis client?


>> I cannot get Solaris 2.7 NIS client to log onto the RHL62 NIS server.
>> On the client side I am successful in doing "cd ~testacct" and "su -
>> testacct" (testacct is an NIS account). So I know the automount is
>> working. Doing "ypcat passwd" I can see testacct with the encrypted
>> password in the password field. But when I try logging in using
>> testacct, I failed logging in after supplying the password. It seems
>> that the Solaris NIS client knows only to look for the local shadow
>> file but not the passwd.x map transferred from the NIS server. Can
>> someone please help me or point me to an FAQ? Thanks in advance.

>Compare the following two examples (esp. the second field):

>  solaris7# grep username /etc/shadow
>  username:VrCV.amoaC5AM:11144::::::

>  RHlinux62# grep username /etc/shadow
>  username:$1$XKLarzhy$lyQ7Q6J5ZOQbGmdibnSEv.:11144:0:99999:7:-1:-1:134540332

>Solaris uses crypt() to encrypt password strings, but RedHat Linux (by default)
>stores MD5 hashes in the second field in /etc/shadow, so your solaris box
>is unable to authenticate through NIS server run on linux box.

 
 
 

Solaris 2.7 NIS client cannot log onto RHL62 NIS server

Post by Andrei Ivan » Fri, 14 Jul 2000 04:00:00


: On the RHL62  NIS server, I took out the md5 from two files namely
: /etc/pam.d/login and /etc/pam.d/passwd. I then change the passwd of
: the testacct the push the passwd.x maps to the client.
: On the Solaris client I then compare the second field with that on the
: NIS server. There are the same. I then cut the encrypted password from
: the output of ypcat passswd, paste it on the client's /etc/shadow
: file. I find that I was able to login onto the testacct this way. This
: shows that the Solaris client can read the encrypted password. Taking
: the pasted entry out of /etc/shadow will fail log in again.
: Inserting a "+" at the end of the passwd, group and shadow didn't help
: either. Not even with the "compat" keyword in /etc/nsswitch.conf.
: Other than the md5 hashes, is there something that I miss that the
: cause the failing authentication on the Solaris nis client?

Your /etc/nsswitch.conf file may be copied from nsswitch.nis (i.e.
you have to add 'nis' keyword to your passwd: and group: entries,
or use "compat" instead of "files nis").

--
andrei

 
 
 

1. How to get Solaris 7 NIS client to log onto the Redhat8.0 NIS server

On the Solaris 7 NIS client side I am successful in doing "cd ~user"
and "su - user" when i login as root .  Doing "ypcat passwd" ,I can
see password list . Everything seems to be Ok .But when I try logging
in with nis user account ,I got "login incorrect " message .  Another
NIS client machain running Redhat8.0 can successfully login with the
NIS Server .

I saw silimar question posted  here , but no answer! Does anybody know
how to solve this problem ?  Thanks a lot .

2. eth0 is BROKEN after a kernel compile.

3. NIS user cannot login to Solaris NIS client

4. Q: How to print out just the first column of a file

5. NIS : auth problem with Linux nis server and SUN sparc nis client

6. Telnet to Redhat 5.0

7. NIS+ : Can an HP be a NIS client to a Sun NIS+ server

8. XView open/save dialog available??

9. Solaris NIS server and Linux NIS client : problems

10. HPUX NIS Client connecting to SOLARIS NIS Server

11. Solaris 8 Nis+ server and RH Linux 7.3 Nis+ client ---- Problems and Questions

12. linux NIS client not binding to Solaris NIS+ server

13. HP NIS Client to Solaris NIS+ Server.