NIS+ root password change

NIS+ root password change

Post by Gabe Grigores » Thu, 21 Nov 1996 04:00:00

does anyone know how one can change the root password for a NIS+ server?



* Pgr: 510-770-7409 _._._._._._._._._._ my uclink.b.e account for more info


NIS+ root password change

Post by Mario Klebs » Fri, 22 Nov 1996 04:00:00

>does anyone know how one can change the root password for a NIS+ server?

This used to be a bit complicated, the last time I had to do it. Well,
there is no problem in changing th eroot password, but there is a
problem in changing the RCP password, too.

The main problem is, that some NIS+ objects do store a copy of the
CRED information. And these information is cached, too.

So, you should be sure, that after changing the CRED information, all
locations, where it is stored get updated correctly. This should be
possible, if you wait long enough, since most of these locations have
a lifetime of typically 12 hours. However the nisupdkeys is necessary
to update the key information in the directory objects.

To find out more details, you should look into "all about
administering NIS+". They have a table which lists all locations,
where CRED Information is stored, and how to update it.

You should be sure you know, what you are doing, before starting your
changes. Ah, and be sure to backup your NIS+ database on every server
prior to doing any changes. This can be your life insurance. And it is
always a good idea, to have up to date ASCII files of your NIS+
data. isaddent -d can be used to extract the data in ordinary UNIX
file format for backup purposes.

73, Mario

Institut fuer Robotik und Prozessinformatik der TU Braunschweig
Hamburger Strasse 267, 38114 Braunschweig, Germany


1. NIS+ user management [Was: Re: root changing a user's password (NIS)]

And Solaris 2 removed `passwd -f <filename>'; the "-f" option now
means "force password change at next login".

                                  .  What other ways are there that are safer?

Good question.  I haven't used Solaris 2 at a large site long enough
for it to be much of an issue.  When necessary, I've just done as you
and edited the file by hand (using Emacs, which when saving at least
gives warning if the file's been changed).  Several years ago at Sun,
I recall there being a `viyp' utility for editing NIS files.  Maybe
they made it publically available.  I think it's harder to enforce
such a utility's use than it is to write one. ;-)

On a related note -- what is the recommended/approved/best way to add
new users and remove ex-users to/from NIS+ ??  One would hope `useradd'
could do it -- nope.  The NIS+ utilities `nis{addent,populate}' are
tailored towards adding to NIS+ tables from ASCII files or NIS maps
rather than dealing with a single "user" entry.  And using plain
`nistbladm' and `nisaddcred' options is crude and error-prone.

I've searched to no avail for some "cookbook" method of handling NIS+
user management.  My old NIS+ book was useless for that issue.  Maybe
I just have a blind spot.  Any suggestions would be appreciated...


Scott J. Kramer                         Graham Technology Solutions
Sr. UNIX Systems Administrator          20823 Stevens Creek Blvd., Suite 300                 +1.408.366.8001

2. Where is KDE Taskmanager

3. changing NIS+ root master root password

4. Dualboot Linux with Win9X on old skool computer!

5. Changing local root password on box running NIS

6. setting flags with ifconfig

7. changing root password on a NIS+ server

8. lpr problem: jobs queued, but cannot start daemon.

9. User password change by root using NIS

10. Changing root password (NIS+)

11. NIS+ - Changing root passwords

12. how to change root password on NIS+ master server

13. How Do I change root password on a replica (NIS+)