[389-users] NIS 389 Directory Server

Wed May 18 11:22:21 UTC 2011

Hello, for user authentication we use NIS on a Solaris System. Solaris 7/8/9 and Redhat 4/5 access this domain. Now I want to migrate to fedora directoryserver.

What I have done:
* Installed Redhat 5 x86_64
* Installed 389 from EPEL
* Imported NIS Data into 389 with LdapImport from Babel
* Authentication over LDAP and LDAP SSL works. (POSIX Accounts)
* Installed slapi-nis 0.24
* Configured slapi-nis with nis-getting-started.txt

Working:
* Providing NIS MAPS
[root at xxxx ~]# ypwhich -m
users sux7292v.xxx.com
passwd.byuid xxx.xx.com
passwd.byname xxx.xx.com
group.byname xxx.xx.com
group.bygid xxx.xx.com
[root at xxx ~]#

*Get passwd and groups
[root at xxx slapd-xxx]# ypcat passwd | grep tst
tst:*:1346:21:Test:/user/tst:/bin/csh

My problem:
Authentification is not working, login is not possible.

My des.ldif (only nis entries):
dn: cn=NIS Server,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: extensibleObject
cn: NIS Server
nsslapd-pluginPath: nisserver-plugin.so
nsslapd-pluginInitfunc: nis_plugin_init
nsslapd-pluginType: postoperation
nsslapd-pluginEnabled: on
nsslapd-pluginDescription: NIS Server Plugin
nsslapd-pluginVendor: redhat.com
nsslapd-pluginVersion: 0.24
nsslapd-pluginId: nis-plugin
nis-tcp-wrappers-name: ypserv
nsslapd-pluginarg0: 541
modifiersName: cn=directory manager
modifyTimestamp: 20110517110053Z
numSubordinates: 5n

dn: nis-domain=xxx+nis-map=group.bygid,cn=NIS Server,cn=plugins,cn=config
objectClass: extensibleObject
objectClass: top
nis-domain: xxx
nis-map: group.bygid
nis-base: ou=Groups, dc=xxx, dc=com

dn: nis-domain=xxx+nis-map=group.byname,cn=NIS Server,cn=plugins,cn=config
objectClass: extensibleObject
objectClass: top
nis-domain: xxx
nis-map: group.byname
nis-base: ou=Groups, dc=xxx, dc=com

dn: nis-domain=xxx+nis-map=passwd.byname,cn=NIS Server,cn=plugins,cn=config
objectClass: extensibleObject
objectClass: top
nis-domain: xxx
nis-map: passwd.byname
nis-base: ou=People, dc=xxx, dc=com

dn: nis-domain=xxx+nis-map=passwd.byuid,cn=NIS Server,cn=plugins,cn=config
objectClass: extensibleObject
objectClass: top
nis-domain: xxx
nis-map: passwd.byuid
nis-base: ou=People, dc=xxx, dc=com

ypcat passwd old system:
[root at xxx slapd-xxx]# ypcat passwd | grep tst
tst:*:1346:21:Test:/user/tst:/bin/csh

ypcat passwd new system:
[root at xxx ~]# ypcat passwd | grep tst
tst:xOf6bdfgZsCsA:1346:21:Test:/user/tst:/bin/csh

Is it possible to provide the password hash with slapi-nis/389-directory server?

Thanks, br cnu80
-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~

This message may contain confidential and/or privileged information intended 
only for the addressee.

If you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose or take any action based
on this message or any information herein. If you have received this 
message in error, please advise the sender immediately by reply e-mail and 
delete this message. Any views expressed in this message are those of the 
individual sender and may not necessarily reflect the 
opinions of austriamicrosystems AG.

-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~

Diese E-Mail enthaelt moeglicherweise vertrauliche und/oder rechtlich 
geschuetzte Informationen.

Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich 
erhalten haben, informieren Sie bitte sofort den Absender und loeschen Sie 
diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser 
Mail ist nicht gestattet. Etwaige in dieser E-mail geaeusserte Ansichten und
Meinungen stammen vom Versender dieser Nachricht und muessen nicht 
notwendigerweise mit den Meinungen und Ansichten von austriamicrosystems AG 
uebereinstimmen.

~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110518/a0801dd3/attachment.html>