Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NIS is writing to passwd instead of shadow

Status
Not open for further replies.
blainepruitt

blainepruitt

Technical User
Apr 18, 2002
105
US
Hi all,

I'm having bit of trouble that I'm hoping someone can help me with. I have implemented password aging in an NIS environment. The NIS files are contained in a location other than /etc. When a user tries to update their password it writes the new encrypted password into the correct location, but into passwd instead of shadow. I need the shadow file in place because it sets the parameters for their password expiration dates. I've check nsswitch.conf to make sure that the entries were right there, here is what I have:

passwd: files nis

I haven't tried flipping the two around since this is a production machine I didn't want to impact anyone. If you have any thoughts on this it would be greatly appreciated.

Thanks,
bp
 
Sort by date Sort by votes
Hi,

In /etc there are passwd and shadow files. But NIS only has passwd file.Actually NIS passwd file includes also some part of shadow file. And a bad news for you. As I know, NIS does not support password aging. You have to use more powerful software like NIS + . If you use password aging, what will happen?
-When password expired...
---If the user tries to login from NIS client machine,user will login to system without changing password.
---If the user tries to login from NIS server machine,user will login after changing old password.
Regards

 
Upvote 0 Downvote
bp,

I use NIS (Solaris 8 platform) and it uses both the password and shadow file, but I put all my NIS directories and files in /etc/nis. I also use password aging and it seems to work. If my password expires, the next time I log in it asks me to change it. I have not worked with it that long though. Just wondering, were you actually looking at the passwd file and seeing the encrypted password, or were you using a command like ypcat passwd... if you use ypcat, it combines fields 1, 3, 4, 5, 6, and 7 from the passwd file with field 2 (encrypted password) from the shadow file and displays the entries.

For more robust administration capabilities, I will have to agree with crasho2001 and say switch to NIS+.

Good Luck!!! Have a Great Day!! :)
~Sol
Sys Admin
 
Upvote 0 Downvote
Thanks for your help. I've decided to either move my PWDIR to /etc or write a perl script that would grab fields from both files and combine them to make a new shadow file.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

arciua
  • Locked
  • Question
SUN Solaris 7: How to pin Workspace Menu?
Replies
0
Views
521
arciua
arciua
ddrillich
  • Locked
  • Question
Changing the format of the uptime output
Replies
0
Views
379
ddrillich
ddrillich
austinramsay
  • Locked
  • Question
Solaris 10 install hanging at 3%.. Where to find log file, or ideas?
Replies
1
Views
488
AvayaTier3
AvayaTier3
tekmhe
  • Locked
  • Question
Using a PC, how to delete files from a Sunblade 150 IDE drive?
Replies
3
Views
313
SamBones
SamBones
DTGMI
  • Locked
  • Question
Sunblade 150 NVRAM IDPROM Reprogramming Issues
Replies
11
Views
1K
frodete
frodete

Part and Inventory Search

Sponsor

Back
Top