NIS: login uses local pasword instead of nis password

suskewiet · July 2, 2011, 2:27pm

I have setup a nis server and client. At first I didn’t have a local user defined on the client. The client then used the user and passwords from NIS, so that was ok.

The problem then is, that when the server is down, I couldn’t login to my client anymore. So I created a local user with the same name on the client but with a different password (after I shut the nis server down, if nis server was on, I couldn’t create a local user with the same name). I then edited /etc/nssswitch.conf as follows:

# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
#       compat                  Use compatibility setup
#       nisplus                 Use NIS+ (NIS version 3)
#       nis                     Use NIS (NIS version 2), also called YP
#       dns                     Use DNS (Domain Name Service)
#       files                   Use the local files
#       [NOTFOUND=return]       Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#

# passwd: files nis
# shadow: files nis
# group:  files nis

passwd: nis files
group:  nis files

hosts:  nis files mdns4_minimal [NOTFOUND=return] dns
networks:       files dns

services:       files nis
protocols:      files
rpc:    files
ethers: files
netmasks:       files
netgroup:       files nis
publickey:      files

bootparams:     files
automount:      files
aliases:        nis files
shadow: compat

At the line passwd I specified first nis and than files. I thought the behaviour would be like this:

If NIS server is on: client has to login with the nis password
If NIS server is down: client has to login with the local password (as fallback)

However the actual behaviour is that I can only login with the local password now. The NIS pasword doesn’t seem to be used anymore. What can I do to fix this?

nrickert · July 2, 2011, 3:17pm

Try running (as root):

/etc/init.d/nscd restart

I don’t know whether that will fix the problem, but it is worth a try. You might be using old data cached by “nscd”.

If you have already rebooted since your last change to “nsswitch.conf”, then that nscd restart probably won’t help.

suskewiet · July 2, 2011, 3:38pm

Thx but it didn’t help. I already booted the machine so I didn’t expected this to work.

Ecky · July 5, 2011, 1:03am

Have you tried stopping the nis service on your client machine before logging into it as your user?

I don’t know if I’m right about this, but it could be that even though you have passwd: nis files in nsswitch.conf, if ypbind is still running it still tries to login over nis, turning ypbind off might make it revert to files as nis wouldn’t be available

The command: service ypbind stop will stop the nis service on your client