It looks like I missed a step in setting up my IPA server for NIS compatability.

[root@server ~]# ldapmodify -D "cn=directory server" -w secret -p 389 -h 
ipaserver.example.com

dn: cn=config
changetype: modify
replace: passwordStorageScheme
passwordStorageScheme: crypt

When I try to run that command I get the following error;
Ldap_bind: No Such Object (32)

I can manually add that to the dse.ldif right? If so where would it go?

Thanks,

Matt


-----Original Message-----
From: freeipa-users-boun...@redhat.com 
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Joseph, Matthew (EXP)
Sent: Friday, April 05, 2013 8:14 AM
To: Rob Crittenden; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: NIS Compat Password Issues

My old NIS server we used shadow passwords.
When I migrated my passwd nis file to IPA I'm assuming it also imported the 
part of the file that contains  the "x" to point it towards a shadow file.

Would I need to remove the "x" from the nis passwd file and re-migrate it to 
IPA?
Is there a better way to get around this?

Matt

-----Original Message-----
From: freeipa-users-boun...@redhat.com 
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Joseph, Matthew (EXP)
Sent: Friday, April 05, 2013 6:40 AM
To: Rob Crittenden; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: NIS Compat Password Issues

Hey Rob,

The passwd section of nsswitch.conf is the following;

Passwd: files nis

Matt

-----Original Message-----
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Thursday, April 04, 2013 3:05 PM
To: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] NIS Compat Password Issues

Joseph, Matthew (EXP) wrote:
> Hello,
>
> I've having issues with trying to login to our NIS clients that are 
> looking at IPA as a "NIS" Server.
>
> The NIS Client can view all of the usernames when I do a ypcat passwd 
> but when I try to login a with a user account it will not accept the 
> password. I've even tried setting it as simple as Password123 and 
> still nothing.
>
> I don't see anything NIS related in the error logs on the IPA server.
>
> Can someone point me in the right direction for this?

What does your nsswitch.conf look like?

Note that IPA does not provide the shadow map (because it sends hashes in the 
clear).

rob


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to