On the RHL62 NIS server, I took out the md5 from two files namely
/etc/pam.d/login and /etc/pam.d/passwd. I then change the passwd of
the testacct the push the passwd.x maps to the client.
On the Solaris client I then compare the second field with that on the
NIS server. There are the same. I then cut the encrypted password from
the output of ypcat passswd, paste it on the client's /etc/shadow
file. I find that I was able to login onto the testacct this way. This
shows that the Solaris client can read the encrypted password. Taking
the pasted entry out of /etc/shadow will fail log in again.
Inserting a "+" at the end of the passwd, group and shadow didn't help
either. Not even with the "compat" keyword in /etc/nsswitch.conf.
Other than the md5 hashes, is there something that I miss that the
cause the failing authentication on the Solaris nis client?
>> I cannot get Solaris 2.7 NIS client to log onto the RHL62 NIS server.
>> On the client side I am successful in doing "cd ~testacct" and "su -
>> testacct" (testacct is an NIS account). So I know the automount is
>> working. Doing "ypcat passwd" I can see testacct with the encrypted
>> password in the password field. But when I try logging in using
>> testacct, I failed logging in after supplying the password. It seems
>> that the Solaris NIS client knows only to look for the local shadow
>> file but not the passwd.x map transferred from the NIS server. Can
>> someone please help me or point me to an FAQ? Thanks in advance.
>Compare the following two examples (esp. the second field):
> solaris7# grep username /etc/shadow
> RHlinux62# grep username /etc/shadow
>Solaris uses crypt() to encrypt password strings, but RedHat Linux (by default)
>stores MD5 hashes in the second field in /etc/shadow, so your solaris box
>is unable to authenticate through NIS server run on linux box.