Yes, they are both using shadow passwords. I am tempted to just let this hang for two weeks until I get to the NIS machine and then do it from scratch. If I just follow basic “muscle memory” on this I am a hoping that if I "dance with you brung you” this may work? Is a SL to SL NIS implementation giving anyone else misery? (That and the HTTPD server is the only thing I have left to fix). Bill On 8/1/14, 16:14 MDT, "Gilbert E. Detillieux" <[log in to unmask]> wrote: >Do you have shadow passwords? Is there a difference in the way Mandriva >handled those than how SL does? Are you generating a shadow.byname map, >a passwd.adjunct.byname map, or both? > >The NIS code has some odd tweaks in it to implement shadow password >support in ways that are backward-compatible with Solaris systems. I'm >wondering if you're running into a problem with that? > >Gilbert > >On 01/08/2014 4:46 PM, Capehart, William J wrote: >> I am using a login via ssh >> >> >> Here is the secure log material for my test USR >> >> Aug 1 21:26:20 <client> unix_chkpwd[6558]: password check failed for >>user >> (<NISuser>) >> Aug 1 21:26:20 <client> sshd[6556]: pam_unix(sshd:auth): authentication >> failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=<remote.host.name> >> user=jtorres >> Aug 1 21:26:22 <client> sshd[6556]: Failed password for <NISuser> from >> <remote.host.up.address> port 65500 ssh2 >> >> >> From a fellow Mandriva box the same request meets as follows. >> >> Aug 1 21:32:15 <client> sshd[7595]: Accepted password for <NISuser> from >> <remote.host.up.address> port 54278 ssh2 >> >> >> Passwords should be hashed. I am not using keberos (or at least I don’t >> think it’s in the mix). >> >> once again, despite what you see above the id command yield the correct >> uid and gid information for the test user >> >> Bill >> >> >> On 8/1/14, 15:20 MDT, "Steven Timm" <[log in to unmask]> wrote: >> >> >What login method is failing? Login from console? ssh? other? >> >does /var/log/secure give you anything as far as error messages? It >> >should. Is kerberos involved here or do you have hashed >> >passwords in the NIS map? >> > >> >Steve Timm >> > >> > >> > >> >On Fri, 1 Aug 2014, Capehart, William J wrote: >> > >> >>Steve: >> >> >> >>Normally I do all the pieces normally but I followed your guidance: >> >> >> >>authconfig --enablenis ‹nisserver=(server.name.goes.here) >> >>‹nisdomain=(mydomain) --update >> >> >> >> >> >>As root, id on one of my test accounts worked. >> >>As root, su on the same test account worked. >> >>³nis² has indeed been through the /etc/nsswitch.conf file all along. >> >> >> >>Bill >> >> >> >> >> >> >> >>On 8/1/14, 14:51 MDT, "Steven Timm" <[log in to unmask]> wrote: >> >> >> >>>did you go into the system setup utility and enable NIS >>authentication? >> >>>(or use authconfig from the command line). That's the best way >> >>>to ensure that PAM is configured correctly to use NIS and that's >>likely >> >>>the problem. >> >>> >> >>>(does "id" on a yp user name work?) >> >>>(does "su" to a yp user name work?) >> >>>does "nis" appear in /etc/nsswitch.conf? (setup will do that). >> >>> >> >>>Steve Timm >> >>> >> >>> >> >>>\On Fri, 1 Aug 2014, Capehart, William J wrote: >> >>> >> >>>>We are in the process of migrating to SL 6.5 from Mandriva and >>things >> >>>>have >> >>>>been manageable until (of course) today. >> >>>> >> >>>>The NIS server is still under Mandriva (yp-serve is 2.22, ypbind is >> >>>>1.29.91) >> >>>> >> >>>>On the client to be in SL 6.5 the ypbind is 1.20.4. >> >>>> >> >>>>NIS works on the fellow Mandriva machine clients but when used on >>the >> >>>>SL >> >>>>machine >> >>>> >> >>>>The username and groups get carried over and match the uids >> >>>> >> >>>>ypcat gives the correct responses for the arguments passwd and >>groups >> >>>> >> >>>>BUT >> >>>> >> >>>>I get permission denied errors when logging in. (That is sort of a >> >>>>deal >> >>>>breaker). >> >>>> >> >>>>Beyond this point is there any troubleshooting advise here? >> >>>> >> >>>>Thanks Much, >> >>>>Bill > >-- >Gilbert E. Detillieux E-mail: <[log in to unmask]> >Dept. of Computer Science Web: http://www.cs.umanitoba.ca/~gedetil/ >University of Manitoba Phone: (204)474-8161 >Winnipeg MB CANADA R3T 2N2 Fax: (204)474-7609