SUMMARY: NIS user accounts
Robert Dege
rdege at cse.Buffalo.EDU
Wed Aug 25 10:28:25 EDT 2004
Dave,
thanks for the helpful tips. I was able to resolve the problem though.
Overall, it was a pam problem. By default, pam was only using DES
hashing to check passwords, which was causing any user with a password >8
characters to fail authentication. Updating the pam rpm correctly
implemented the MD5 hashing, which resolved the problem.
-Rob
>
> --- Robert Dege <rdege at cse.Buffalo.EDU> wrote:
>
> >
> > The user only has an entry in the NIS maps; none in either passwd file.
> >
> > The nsswitch.conf has: passwd: compat, along with group: compat
> >
> > Other NIS users are able to logon to both of these machines without any
> > problems. It just appears to be this one account.
> >
>
> What is the UID/GID of the user who can't login?
>
> Are access controls enabled on the one machine but not the other??
> (/etc/security/access.conf), is the PAM configuration the same for login??
> (/etc/pam.d/login), has the system been broken into? (compare MD5sums for
> apps between systems, or use one of the many forensic method to determine if
> you got hacked into.)
>
>
>
> =====
> Dave J. Andruczyk
>
>
>
> __________________________________
> Do you Yahoo!?
> New and Improved Yahoo! Mail - Send 10MB messages!
> http://promotions.yahoo.com/new_mail
>
Dege
As seen on bash.org:
The problem with America is stupidity. I'm not saying there
should be a capital punishment for stupidity, but why don't
we just take the safety labels off of everything and let
the problem solve itself?
More information about the nflug
mailing list