[Freeipa-users] slapi-nis installation help

Gary Verhulp gverhulp at checkpoint.com
Tue Oct 6 18:33:02 UTC 2009 

Thanks for the response.
I have the NIS config on the client setup correctly I believe.
This client was moved from my current NIS domain and works fine.

It's not that the client does not bind to the new FreeIPA NIS domain, 
but rather there is no passwd hash  in the output of ypcat -k passwd so 
it has no way to auth.

garyv at fell:/var/log$ ypcat -k passwd
ttest ttest:*:1102:1002:Tim  Test:/home/ttest:/bin/bash


br,
Gary


yi zhang wrote:
> On 10/06/2009 10:36 AM, garyv wrote:
>> Hi,
>>
>> I've installed freeIPA  (ipa-server-1.2.2-1.fc11.i586)and have the 
>> base functionality working and I'm quite pleased.
>>
>> The problem I'm experiencing is with getting slapi-nis to function 
>> properly.
>>
>> Reading other posts in the list I was able to get FreeIPA to serve 
>> NIS maps, and clients to bind to the NIS dom, but no passwords/auth 
>> work for users.
>>
>> Any tips on setup/troubleshooting this?
> I haven't do any ipa-nis configuration for a while, here is my old 
> notes, they might still work
>
>     * NIS client host set up in general
>
> This is what RHEL linux should follow. 
>
>    1. Append the following line in the */etc/sysconfig/network* file:
>           * NISDOMAIN=mynisdomain
>    2. Append the following line in */etc/yp.conf* :
>           * domain mynisdomain server 192.168.0.1 replace ip to the
>             IPA server IP
>    3. Make sure the following lines contain 'nis' as an option in the
>       file */etc/nsswitch.conf*
>           * passwd: files nis
>           * shadow: files nis
>           * group: files nis
>           * hosts: files nis dns
>           * networks: files nis
>           * protocols: files nis
>           * publickey: nisplus
>           * automount: files nis
>           * netgroup: files nis
>           * aliases: files nisplus
>    4. restart ypbind and portmap
>           * */etc/rc.d/init.d/ypbind restart*
>           * */etc/rc.d/init.d/portmap restart*
>
>
>>
>> Thanks
>>
>> Gary
>>
>> on the Client:
>> root at fell:~$ ypcat -k passwd
>> ttest ttest:*:1102:1002:Tim  Test:/home/ttest:/bin/bash
>>
>> root at fell:~$ ypwhich  -m
>> passwd.byuid fcds.edited
>> passwd.byname fcds.edited
>> netid.byname fcds.edited
>> group.upg fcds.nes.edited
>> group.byname fcds.edited
>> group.bygid fcds.edited
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>

More information about the Freeipa-users mailing list