Hi,
I'm a newbie to RHL, but an experienced Solaris/HP-UX admin. I'm trying to get a RHL 9.0 machine hooked up as a NIS+ (nisplus) client to a Solaris NIS+ domain. It seems to support NIS, but not NIS+, so I went to http://www.linux-nis.org, and downloaded the nis-utils and pam_unix2 packages. I did not update the glibc library.
Everything seems to have worked. Nisinit successfully created a NIS_COLD_START file, I can do a niscat passwd.org_dir and see the NIS+ password info, same for hosts.org_dir etc. I can "su -" from root to a NIS+ user, and get the correct environment.
The problem is, I can't authenticate as a NIS+ user (one that isn't present in the local files). I can login if I add a local user, but if I try to login as a NIS+ user, I get "access denied" at my SSH login, and wrong password errors when I try to login to the KDE/Gnome environment.
Here's my nsswitch.conf:
passwd: files nisplus shadow: files nisplus group: files nisplus
hosts: files nisplus dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files netmasks: files networks: files protocols: files nisplus rpc: files services: files nisplus
netgroup: files nisplus
publickey: nisplus
automount: files nisplus aliases: files nisplus
I suspect my problem lies with PAM modules or PAM config, but I'm not familiar with PAM at all. The PAM files in /etc/pam.d are all default, so I tried messing with /etc/pam.d/login and rlogin, adding the pam_unix2 module as suggested in the NIS How-To, but I really don't know what I'm doing there, and nothing I did seemed to make any difference.
Could someone point me in the right direction for this?
(BTW, I posted this to the shrike-list, but the more I dig into it, the more I think it is a PAM issue, so I'm reposting it to the pam-list.)
-TIA, -Tom
-- _______________________________________________________________________ Tom Haws Manager, Systems Administration trh@xxxxxxxxxxxxx Timberline Forest Inventory Consultants Tel: (250) 562-2628 1579 9th Ave, Prince George, B.C. Canada V2L 3R8 Fax: (250) 562-6942 http://www.timberline.ca _______________________________________________________________________
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list