Very Computer

Today, I had to change the password of a student who forgot his.  In
SunOS 4.1.3 and YellowPages/NIS, this was an easy thing --> just use
"yppasswd user" and all is well.

But I'm using Solaris 2.2 and NIS+.  This fact, combined with the crazy
new credential-based security, really screwed up the process.  First,
"nispasswd user" prompted me for the old login password -- WHICH THE USER
FORGOT!  So that was out.  I then simply blanked out the "passwd" column
in the passwd.org_dir NIS+ map.  This worked for "nispasswd user", but
now the user's credentials were screwed -- the program asked for the old
login password to update the credentials map.  I ended up using nistbladm
to delete BOTH the user's passwd.org_dir entry AND the user's
cred.org_dir entry.  Then I added the user through the "admintool"
channel, but did not create the home directory.  Now, all is well.

So, a task that took me 2 minutes in SunOS 4.1.3 now took me 30 minutes
today with Solaris 2.2.  No, I don't want to hear "told you so"...

Is there a better way to do this?  A script, perhaps, or a one-liner to
"nistbladm"?  I'll gladly summarize...it'll help me better understand
NIS+ and all its glorious wonders!

Thanks.

      Mike Jipping
      Hope College Department of Computer Science

      "That one wasn't on very good."
                            -- my 3 year old daughter remarking
                               on a fallen tree during a hike

|> Today, I had to change the password of a student who forgot his.  In
|> SunOS 4.1.3 and YellowPages/NIS, this was an easy thing --> just use
|> "yppasswd user" and all is well.  
|>
|> But I'm using Solaris 2.2 and NIS+.  This fact, combined with the crazy
|> new credential-based security, really screwed up the process.  First,
|> "nispasswd user" prompted me for the old login password -- WHICH THE USER
|> FORGOT!  So that was out.  I then simply blanked out the "passwd" column
|> in the passwd.org_dir NIS+ map.  This worked for "nispasswd user", but
|> now the user's credentials were screwed -- the program asked for the old
|> login password to update the credentials map.  I ended up using nistbladm
|> to delete BOTH the user's passwd.org_dir entry AND the user's
|> cred.org_dir entry.  Then I added the user through the "admintool"
|> channel, but did not create the home directory.  Now, all is well.
|>
|> So, a task that took me 2 minutes in SunOS 4.1.3 now took me 30 minutes
|> today with Solaris 2.2.  No, I don't want to hear "told you so"...
|>
|> Is there a better way to do this?  A script, perhaps, or a one-liner to
|> "nistbladm"?  I'll gladly summarize...it'll help me better understand
|> NIS+ and all its glorious wonders!

I know the feeling.

Try starting with
        nisaddcred -r user.domain.com.
        nisaddcred -p 1234 -P user.domain.com. local

Matt
--

Within admintool, you can change the user's password without knowing
his or her old one.

--

Medical Diagnostic Computing GmbH, Dppelstr. 71, 24105 Kiel, Germany,
Office Voice: 49-431-804220, Fax: 49-431-804230