[389-users] NIS 389 Directory Server
Neuhold Christian (TSA)
Christian.Neuhold at austriamicrosystems.com
Wed May 18 11:22:21 UTC 2011
Hello, for user authentication we use NIS on a Solaris System. Solaris 7/8/9 and Redhat 4/5 access this domain. Now I want to migrate to fedora directoryserver.
What I have done:
* Installed Redhat 5 x86_64
* Installed 389 from EPEL
* Imported NIS Data into 389 with LdapImport from Babel
* Authentication over LDAP and LDAP SSL works. (POSIX Accounts)
* Installed slapi-nis 0.24
* Configured slapi-nis with nis-getting-started.txt
Working:
* Providing NIS MAPS
[root at xxxx ~]# ypwhich -m
users sux7292v.xxx.com
passwd.byuid xxx.xx.com
passwd.byname xxx.xx.com
group.byname xxx.xx.com
group.bygid xxx.xx.com
[root at xxx ~]#
*Get passwd and groups
[root at xxx slapd-xxx]# ypcat passwd | grep tst
tst:*:1346:21:Test:/user/tst:/bin/csh
My problem:
Authentification is not working, login is not possible.
My des.ldif (only nis entries):
dn: cn=NIS Server,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: extensibleObject
cn: NIS Server
nsslapd-pluginPath: nisserver-plugin.so
nsslapd-pluginInitfunc: nis_plugin_init
nsslapd-pluginType: postoperation
nsslapd-pluginEnabled: on
nsslapd-pluginDescription: NIS Server Plugin
nsslapd-pluginVendor: redhat.com
nsslapd-pluginVersion: 0.24
nsslapd-pluginId: nis-plugin
nis-tcp-wrappers-name: ypserv
nsslapd-pluginarg0: 541
modifiersName: cn=directory manager
modifyTimestamp: 20110517110053Z
numSubordinates: 5n
dn: nis-domain=xxx+nis-map=group.bygid,cn=NIS Server,cn=plugins,cn=config
objectClass: extensibleObject
objectClass: top
nis-domain: xxx
nis-map: group.bygid
nis-base: ou=Groups, dc=xxx, dc=com
dn: nis-domain=xxx+nis-map=group.byname,cn=NIS Server,cn=plugins,cn=config
objectClass: extensibleObject
objectClass: top
nis-domain: xxx
nis-map: group.byname
nis-base: ou=Groups, dc=xxx, dc=com
dn: nis-domain=xxx+nis-map=passwd.byname,cn=NIS Server,cn=plugins,cn=config
objectClass: extensibleObject
objectClass: top
nis-domain: xxx
nis-map: passwd.byname
nis-base: ou=People, dc=xxx, dc=com
dn: nis-domain=xxx+nis-map=passwd.byuid,cn=NIS Server,cn=plugins,cn=config
objectClass: extensibleObject
objectClass: top
nis-domain: xxx
nis-map: passwd.byuid
nis-base: ou=People, dc=xxx, dc=com
ypcat passwd old system:
[root at xxx slapd-xxx]# ypcat passwd | grep tst
tst:*:1346:21:Test:/user/tst:/bin/csh
ypcat passwd new system:
[root at xxx ~]# ypcat passwd | grep tst
tst:xOf6bdfgZsCsA:1346:21:Test:/user/tst:/bin/csh
Is it possible to provide the password hash with slapi-nis/389-directory server?
Thanks, br cnu80
-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~
This message may contain confidential and/or privileged information intended
only for the addressee.
If you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose or take any action based
on this message or any information herein. If you have received this
message in error, please advise the sender immediately by reply e-mail and
delete this message. Any views expressed in this message are those of the
individual sender and may not necessarily reflect the
opinions of austriamicrosystems AG.
-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~-~^~
Diese E-Mail enthaelt moeglicherweise vertrauliche und/oder rechtlich
geschuetzte Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich
erhalten haben, informieren Sie bitte sofort den Absender und loeschen Sie
diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser
Mail ist nicht gestattet. Etwaige in dieser E-mail geaeusserte Ansichten und
Meinungen stammen vom Versender dieser Nachricht und muessen nicht
notwendigerweise mit den Meinungen und Ansichten von austriamicrosystems AG
uebereinstimmen.
~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~.~-~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110518/a0801dd3/attachment.html>
More information about the 389-users
mailing list