Changing Password in NIS

system · November 12, 2008, 6:21am

Friends

I want to know whether i can change the password of a user logged in thru NIS from a client machine after stopping the YP services in NIS server.
Note - The Slave server is up and running.

I tried doing this. But i got the reply "Permission Denied".

I stopped the YP services in NIS server using the command "/usr/lib/netsvc/yp/ypstop".

I tried changing the password in the client in the below manner:
[!]root: yppasswd d08083
Enter d08083's password:
New Password:
Re-enter new Password:
Permission denied

Output of ypcat passwd in client:
[!]root: ypcat passwd
d98680:##d98680:205:14:Salil Nair, IT:/users/d98680:/bin/ksh
d12482:##d12482:5017:1:Ajay More:/users/d12482:/bin/ksh
d12381:##d12381:5015:100:Renjesh Raju:/users/d12381:/bin/ksh
d11939:##d11939:5014:100:Ovais Tawa:/users/d11939:/bin/ksh
d08083:##d08083:207:100:Hari Ganesh, IT:/users/d08083:/bin/ksh
gdm:##gdm:50:50:GDM Reserved UID:/:

Please let me know if any more logs are required.

My question is if the YP services stop in NIS server,will users be unable to change the password until it's up?

Thanks
HG

system · November 12, 2008, 6:29am

Friends

Just found the following error in the /var/adm/messages file:

passwd[23230]: [ID 100979 user.error] passwdutil.so: couldn't create client to YP master

Thanks
HG

jlliagre · November 12, 2008, 7:33am

You can't change a user's password if the NIS master is off. The slave servers are read-only caches to speed-up name resolution. AFAIK, there can only be a single repository with NIS. You can use ldap as name service back-end to allow write availability.

system · November 13, 2008, 2:56am

Thanks,Jlliagre for the response.

Friends,
I have one more question as of now. Is there any way by which the NIS user will be able to create a Home directory of his own in any of the clients he logs on to. Just like the way we have in windows AD;where a new user when logging into a client creates his own home directory.
In my environment,NFS service is not allowed. So mounting the home directories is not possible.

Thanks - in - Advance.

jlliagre · November 13, 2008, 3:38am

Gnu/Linux users do it with pam_mkhomedir.

On Solaris, a simple shell script and autofs can provide the same functionality:

Bug ID: 6211761 solaris should have a pam_mkhomedir PAM module

system · November 13, 2008, 4:21am

Sorry jlliagre,though i got the idea,i didn't know how to get that executed.
Can somebody please throw more light?

jlliagre · November 13, 2008, 4:52am

The workaround is clearly explained in the link I posted although you'll need to adapt it should you use UFS instead of ZFS.
What exactly are you missing ?

system · November 14, 2008, 2:47am

Jlliagre,

I have updated the script to my needs. Can you please let me know whether i am right or wrong.

Note - My Home directories are in /users mountpoint.

I am writing an executable sheel script called /etc/auto_home_create

#!/bin/ksh -p
#
# Find home directory; create directories under /users
#

hdir=$(echo ~$1)

if [[ "$hdir" != /users/* ]]
then
# Not a user with a valid home directory.
mkdir /users/$1 #(/users is a world writeable dir)
fi
exit

Would this script solve my need? Pardon my ignorance,if this is wrong.

Thanks
HG