Problems w/NIS Clients in Compat Mode
- From: Doug Summers <dsummers2@xxxxxxx>
- Date: Thu, 09 Feb 2006 18:47:44 -0800
I have (3) RHEL machines - (2) are RHEL3-I386 and other is RHEL4-AMD64. I'm using OpenAFS for authentication and using NIS to push out the password maps (no /etc/shadow). I'm using NIS compat mode, using netgroups to specify user account access to each machine.
Here is the /etc/nsswitch.conf I'm using on the RHEL3 machines:
passwd: compat
shadow: compat
group: compat
hosts: files nis dns
I'm trying the same thing on the RHEL4 machine, but I can't login or even su to another user as root. 'getent passwd' shows all of the proper user ID's and 'groups username' brings up the proper NIS groups. 'su - username' returns "incorrect password".
I get can around this problem by creating local users with locked-out passwords. The problem with this is that they expire, causing the system to ask to change it (I don't want any local passwords). I'm specifically using NIS because it won't expire passwords; this is being controlled on the OpenAFS server side.
If I only had Linux machines I'd switch to LDAP in a heartbeat, but that's just not realistic at this point. I just can't figure out what RHEL4 did that RHEL3 didn't.
BTW - selinux is installed but disabled.
Doug
.
- Follow-Ups:
- Re: Problems w/NIS Clients in Compat Mode
- From: Bill Marcum
- Re: Problems w/NIS Clients in Compat Mode
- Prev by Date: some simple question about how to install the 1000mb NCI under the linux?
- Next by Date: Re: Hard disk data recovery.
- Previous by thread: some simple question about how to install the 1000mb NCI under the linux?
- Next by thread: Re: Problems w/NIS Clients in Compat Mode
- Index(es):
Relevant Pages
|
