Inconsistent NIS Client Behavior w/ Centos 7

General support questions
Post Reply
KPart
Posts: 8
Joined: 2016/07/27 17:36:50

Inconsistent NIS Client Behavior w/ Centos 7

Post by KPart » 2019/01/15 20:43:12

I am working on bringing back a number of Centos 7 rigs in our student computer lab back online. No change was made to the existing server machine [running Scientific Linux 6]

Right now there is one remaining thing to resolve: an inconsistency with the rigs' NIS Clients.

I have configured rcpbind and ypbind following guidance from Server World ( https://www.server-world.info/en/note?o ... &p=nis&f=2 ) identically on all of the client machines. Three are behaving as they are supposed to do. Five are not.

In this process I have triple checked that support files ..

Code: Select all

/etc/sysconfig/network
/etc/yp.conf
/etc/pam.d/system-auth-ac
/etc/pam.d/system-auth 
/etc/login.defs
/etc/sysconfig/authconfig
They are identical. IP addresses, Netmasks, Gateways, DNS etc are correct and all rigs (Server and Clients) do not conflict on any of the machines or /etc/host files.

Disabling the firewall doesn't impact the problem.

NFS and other services work fine. All other aspects of networking is fine. You can ssh and access the Server rig from the Client rigs.

rpcbind shows that the ypbind/ypserv services are up and Clients and Server, respectfully (and it works on some of the machines).

The rigs that are not working exhibit the following behavior.
  • yptest -u [valid nis username] works with no errors.
  • yppasswd will change a password on the NIS server with no errors and other commands like ypchfn will work as well.
  • ypwhich, ypcat, ypmap, etc. give the same values we'd see on the NIS server.
...BUT...
  • You cannot login or su into the rigs with valid NIS accounts.
    • (The local ypbind -d "debug mode" shows no response to a login, the "secure" log responds to a valid NIS account login with an "invalid user" a the [preauth] phase)
  • uids of valid NIS users are not recognized. (gids are explicitly declared on all rigs so they’ll match anyway). With ls -l, we see the uid of a file’s owner and not the username.
  • The id command for any valid nis user fails with "no such user"
  • cd ~[Valid NIS User] responds with "no such directory" even if the home directory exists (and the uid matches the uid on the NIS server).
I am totally at a loss here.

Is there any test that I am missing or are there any files or setting where the culprit(s) on the errant machines may be.

Thanks Much
Bill Capehart
SD School of Mines

KPart
Posts: 8
Joined: 2016/07/27 17:36:50

Re: Inconsistent NIS Client Behavior w/ Centos 7

Post by KPart » 2019/01/16 19:06:56

(Found the problem -- there was a tiny difference in the passwd line of the nsswitch file. Time to wear the bifocals full time)

Bill

Post Reply