NIS (YP) on 2.6

NIS (YP) on 2.6

Post by T. Simpso » Fri, 19 Dec 1997 04:00:00



Hi,

I have recently installed a lab of 20 PII's running Solaris 2.6 x86.
Initially I attempted to use NIS (YP) on the server but hit a problem.
Basically, the server kept saying "Server for domain xx not responding -
still trying", followed periodically by "Server for domain xx OK".

ie. the server was constantly losing the connection to itself.  This
caused havoc in the lab itself forcing me to eventually install a 2.5
machine which I new ran NIS (YP) ok.  Looking through the man pages I
came up with this line for "ypbind"

        The NIS server is not supported in SunOS releases
     anymore, but ypbind can  communicate  with  an  NIS  server,
     ypserv,  on  an  earlier  SunOS release or an NIS+ server in
     "YP-compatibility mode", see  rpc.nisd(1M).

So can I run the 2.6 machine as a YP server or not?
--
__________________________________ ___  _   _     _

Tom Simpson.                         (01792) 295651
Dept. of Computer Science,
U W Swansea,
Singleton Park, Swansea. SA2 8PP.
__________________________________ ___  _   _     _

 
 
 

NIS (YP) on 2.6

Post by T. Simpso » Fri, 19 Dec 1997 04:00:00


 machine which I new ran NIS (YP) ok.  Looking through the man pages I
                 ^^^^
Can't believe I did that - it was a typo - honest.
--
__________________________________ ___  _   _     _

Tom Simpson.                         (01792) 295651
Dept. of Computer Science,
U W Swansea,
Singleton Park, Swansea. SA2 8PP.
__________________________________ ___  _   _     _

 
 
 

NIS (YP) on 2.6

Post by Mario Starga » Fri, 19 Dec 1997 04:00:00


On Thu, 18 Dec 1997 14:26:09 +0000, "T. Simpson"



> machine which I new ran NIS (YP) ok.  Looking through the man pages I
>                 ^^^^
>Can't believe I did that - it was a typo - honest.
>--
>__________________________________ ___  _   _     _

>Tom Simpson.                         (01792) 295651
>Dept. of Computer Science,
>U W Swansea,
>Singleton Park, Swansea. SA2 8PP.
>__________________________________ ___  _   _     _

        Yes, I'm doing this just fine.
        The Documentation is a bit fuzzy on setting up NIS on Solaris
(seems they think everyone wants nis+) but it works.  You need to have
an entry for the server machine in the /etc/hosts file, put a
domainname in /etc/domainname, then run ypinit -m to create the maps.
Of course, you're probably going to have to edit /var/yp/Makefile and
fuss with /etc/nsswitch.conf, but other than that, it should just
work.
        One gotcha I got hung up on is that no one could change nis
passwds, not even root.  Turns out that you need to run admtblloc and
map the NIS tables properly, like this:
        admtblloc -c -NIS -p /var/yp/sourcetables
where sourcetables contains files like services, group, etc.  If you
put your passwd and shadow files elsewhere, then you'll need to map
those separately.
        I'm running Solaris 2.6 Intel with a Tyan S1564D dual 166
motherboard, and a Mylex 960 RAID controller.  Network controller is a
3c905 on fast ethernet.
        I think what that blurb about NIS not being supported is all
about is that NIS was rolled into Solaris 2.6 instead of being a
separate package.  It's my understanding Sun runs NIS in their shops,
except for the NIS+ development group.

        Cheers,
                Mario

--
Mario Stargard, Systems Admin   |  "Security for an OPEN World"
Product Development Group       |  Network security solutions for
SAGUS Security Incorporated     |   the enterprise.
(613) 234 7300 x214             |  http://www.sagus-security.com

 
 
 

1. NIS Server on 2.6 with 2.6 and linux clients ?

Hi all,

we have tried to configure NIS (yp) on 2.6 server and have had several problems
concerning the passwd/shadow/passwd.adjunct:

scenario #1: passwd + shadow
o NIS merges passwd with shadow and distributes one passwd inkl. passwords
- no security for passwords
- no password credentials (expiration etc)
+ both clients (solaris 2.6 and linux) can work with
+ yppasswd works on both clients

scenario #2: passwd + passwd.adjunct
o NIS distributes both
+ security for passwords
+ password credentials
- linux can't work with, because NIS puts ##user in the password field

scenario #3: passwd + shadow
o NIS distributes both (with modified Makefile to get shadow map)
- only linux can work with (there is no shadow entry in solaris's nsswitch.conf)

Is only scenario #1 is applicable on solaris+linux clients ?
Did I leave something out ?

I would like have password security (like shadow using nis on linux server)
and password credentials and be able to change password on clients (using yppasswd).

The man page for rpc.yppasswdd says, that if adjunct file is used, the ##user
in password field is needed, it seems to me that linux can't use this syntax.

Any hints ?

regards
Peter

PS: I used SuSE Linux 7.3

2. net-2 dip -i

3. Reasonable nis security between Solaris & Linux (was Re: Is nis (yp) a security worry?

4. linux-2.4.20_summit_A0 (0/4)

5. NIS, NIS+, named, yp, ...

6. linux

7. Nis+ and NIS (YP) compatibility

8. Resolving IRQ conflict with SCSI device and mouse

9. NIS+ under NIS(YP) Rootmaster or just Master

10. NIS yp compat mode, participating in NIS+ hierarchy, limitations?

11. 2.6 FCS -> 2.6 5/98 upgrade fails because /usr moved to /usr:2.6

12. NIS (yp)

13. NIS on Solaris 2.6