To block user login by NIS

To block user login by NIS

Post by Tuan Da » Sun, 06 Feb 2000 04:00:00



Hello there,

Does anybody know how to setup the /etc/passwd using NIS
netgroup to block the user login? Please give me some
instructions.

Thanks,
Tuan

 
 
 

To block user login by NIS

Post by John T. Douglas » Tue, 08 Feb 2000 04:00:00



> Hello there,

> Does anybody know how to setup the /etc/passwd using NIS
> netgroup to block the user login? Please give me some
> instructions.

> Thanks,
> Tuan

Here are the basics.

1) edit /etc/nsswitch.conf, change

        pssswd: files nis

   to

        passwd: compat

2) Now you can limit access to the machine by using the + notations


   will add everyone in the netgroup to the passwd file.

   In the shadow file add:


You can also do things like override people's shells to something else
so that you can print out a nice login denied/restricted message.
After adding all your netgroups you want in add the following:

        +::::::/etc/privlogin   (passwd file)
        +::::::                 (shadow file)

Where "privlogin" is the program that simply writes out the message
and exits.

HTH

-- John

--
John T. Douglass                        Phone: 208 533 7992

           "A train stops at a trainstation, a bus stops
            at a bustation, what happens at a workstation?"

 
 
 

1. NIS user cannot login to Solaris NIS client

I have a NIS Server running on Redhat Linux 7.2 & my NIS clients
include Linux, Solaris 8 & IRIX 6.5 machines.

On my NIS server, I've selected the option to merge paswd & shadow
files. Likewise for group & gshadow files.

On all NIS clients, I'm able to run NIS commands like "ypwhich" "ypcat
(mapname)" successfully. I'm also able to login to all NIS Linux
clients. But I'm unable to login to any of the Solaris & IRIX NIS
clients.

However if I login to the Solaris NIS client as root, I can do a "su
nisuser" & be in the nisuser's shell. But if I login to the Solaris
NIS client as a local normal user, I cannot do a "su nisuser"
successfully after entering the nisuser password.

In the case of IRIX NIS client, even if I login as a root/normal user,
I'm unable to do a "su nisuser" . IRIX complains about no shell.Even
if I try to set the path for the shell on the NIS master corresponding
to IRIX, it says no shell when I try to do a "su nisuser"

On all clients, the nsswitch.conf has values in the order of:  file
nis

Not sure why I'm having this problem with NIS clients on Solaris &
IRIX. I've looked around the newsgroups a lot but haven't fund a
suitable reason/solution for this.

Any advice in this regard is greatly appreciated.

Thanks,

Ashwin.

2. Problem with SAMBA

3. Login to NIS (yp) client as user shows $USER as root!

4. Pentium Pro 200 vs Pentium 200 MMX

5. NIS+ user management [Was: Re: root changing a user's password (NIS)]

6. task cpu affinity syscalls for 2.4

7. Blocking Just Remote User Logins

8. web browser

9. How to block login to a machine for certain users?

10. how do I block user logins?

11. Selectively blocking user logins?

12. Blocking user login and su only

13. users login hang ups, NIS+ passwd problem ?