From: Niall O Broin (niall at domain linux.ie)
Date: Thu 11 Oct 2001 - 13:39:07 IST
On Thu, Oct 11, 2001 at 08:38:51AM +0100, Dunphy Richard-rdunph01 wrote:
> > When you change a
> > password on client1 is that change immediately propagated i.e. can you
> > immediately go to client2 and log in with the new password.
> Yes, from client to client is immediate. But it takes some time for the
> server to be updated.
Bit of confusion here. If you change your password on client1, and then can
log in on client2 with the changed password, the NIS map has been
successfully changed, and the server is the source of the NIS map, so it has
been updated. What exactly do you mean when you say
> But it takes some time for the server to be updated.
> > Have you seen that the NIS passwd map
> > and its source
> > file have really been changed ?
> > From which way? The above example is done on zeus, with yppasswdd
> > runnning on zeus. If I try and change the passwd on zeus, nothing changes,
> > but on the client if I do a 'ypcat passwd' before and after the passwd
> > change it is different.
OK - the ypcat passwd difference shows you that you have changed your map
> > Do you perhaps have some
> > restrictions set up
> > such that zeus can't make an RPC call on zeus ?
> how do I find this out? where would the normal places be to remove this?
hosts.allow and hosts.deny, for example, though you've ruled them out -
again, I was clutching at straws.
> > Have you any slave servers in the network ?
> No. Just the one server serving
OK - again, just eliminating things. I'd recommend BTW when you get
everything sorted that you set up a slave server as a little insurance. OTOH
if zeus also serves up something vital like home directories then a slave
server is not so important as you're screwed anyway if zeus goes down.
Another thing to check on the clients and the server - do
grep passwd /etc/nsswitch.conf
and you should get a line like
passwd: files nis
You MIGHT get a line like
which is telling the name service mechanism to use the old + syntax. If you
have that, my recommendation is to remove it and replace it by a
passwd: files nis
and remove the + lines at the end of your password files, if any.
I'm sure that your clients are OK here, either the right way or in compat
mode, but I'm not so sure about the server - what does it have ?
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:12:42 GMT