Hi Fellow Gurus -
My earlier mail message:
==>
==> Dear Fellow Sys Admins -
==>
==> I have worked on this problem off and on for over 6 months.
==> I have an AlphaStation 200 4/233 running 4.0B with C2/enhanced
==> security and it serves 4, AlphaStation 250 4/233 machines using
==> NIS. They are also running 4.0B with C2/enhanced security. I
==> can log onto the server and two of the clients (clients a
==> and b). I can not log onto two of the clients (clients c and
==> d). Any new user I create can not log onto the clients c and
==> d either, but they can log onto the server and the clients a
==> and b.
==>
==> The only users that can log onto clients c and d are the users
==> that were on the machine before I went to C2 security, well, all
==> users except me. At least I can get on as root.
==>
==> Has anyone had anythignlike this occur and/or have some clues
==> for me?
==>
==> Kris Larsen
A response from Martin Mokrejs
==>
==> > The only users that can log onto clients c and d are the users
==> > that were on the machine before I went to C2 security, well, all
==> > users except me. At least I can get on as root.
==>
==> Run authck -a -v on machines c and d as root and look for error messages.
==>
==> Set your env. variable EDITOR to your favorite and run:
==> edauth your_login
==> to see if your account has an entry in protected database.
==>
==> Isn't the problem in it that machiones c and d dont behave as NIS clients?
==> With NIS I can't help your, try nissetup.
==>
==>
==> Martin
==>
==> -------------------------------------------------------------------------
==> | Martin MOKREJS - Net&SysAdmin |
==> | PGP 5.0i key at: finger://mail.natur.cuni.cz/mmokrejs |
==> | mmokrejs_at_natur.cuni.cz Faculty of Science, The Charles University |
==> | tel.: +420-2-2195 2315 Albertov 6, PRAGUE 2, 128 43, Czech Republic |
==> -------------------------------------------------------------------------
==>
==>
I tried the authck and edauth but it was not making sense. I had
the NIS set properly, the secure files were being exported, but it
acted as if the secure files were not being used. authck told me
that the users were in passwd but not in prpasswd. I ran nissetup
again and at the end it said it was updating svc.conf and rc.config.
I checked rc.config and it was correct then I checked svc.conf. I
noticed auth=local,yp was missing. I also noticed that SECLEVEL=
ENHANCED was missing.
In November I was bringing up this NIS group as a secure group and
I must not have setup clients c and d as secure before being confined
to bedrest by my doctor for toxemia. I set up client d as secure (a
user is on c at the moment) and now I can log on client c. I am a
happier camper.
Moral of the story, have a list of all the machines upon which you
are working with what needs to be completed on each machine and
check off each action as it is completed. I normally do this but
I did not this time and when I returned 2.5 months later, I did not
remember that I had not completed the security setup on these two
machines.
Thank Martin. You may not have had the exact answer, but you helped
me find the problem.
Kris Larsen
Received on Tue Apr 07 1998 - 19:23:09 NZST