From: Josh Fryman (fryman@cc.gatech.edu)
Date: Tue Feb 22 2005 - 16:17:09 EST
hi all,
the end result is that the concept of using a linux box as an NFS
server and NIS server to a mixed collection of other boxen --
including an Alpha Tru64 XP1000 workstation -- works fine. you
just have to know which knobs to use.
i had a lot of great responses, the combination of which solved the
issues.
1) modern linux boxen/distros use MD5 hash password files. you
need to switch the passwords for those users who will login to
non-linux boxen (solaris, tru64, ...) to DES. the mechanism to
do this -- edit /etc/pam.d/system.auth, look for the line for
"passwords", and change "md5" to "crypt". now, reset every
password for other systems to force a switch to DES format.
this is the primary stumbling block. (thanks to James Sainsbury.)
2) on the alpha boxen, it's easiest to disable advanced security
altogether. if you keep advanced security, you need to fix the
permissions so that the general user is not login-restricted.
you can do this by removing the "@" in /etc/auth/system/default
for the user_login line. (note: this may not be the recommended
solution, but it does the job.) others have suggested setting
permissions on the tty's, and pty's in the securettys file. i
didn't need these steps, however, since i disabled the advanced
security mode.
3) you need to be sure that nis is enabled in the /etc/svc.conf
file as well, but this should be set if you configure NIS support
via "sysman" or the gui tools. (key line: auth=local,yp) you
may also need the "+" entries as the last line of each
passwd/group/etc files.
thanks to all who responded,
-josh
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:50:15 EDT