Contenu | Rechercher | Menus

Annonce

Si vous avez des soucis pour rester connecté, déconnectez-vous puis reconnectez-vous depuis ce lien en cochant la case
Me connecter automatiquement lors de mes prochaines visites.

À propos de l'équipe du forum.

Pages : 1

#1 Le 08/01/2007, à 18:24

p.o.

Serveur NIS, client OS X

Bonjour tous!

Voila je suis en train de monter un serveur NIS sous Kubuntu 6.06 et je rencontre un pb avec un client sous OS X . Je ne peux me logguer sur le client qu'en sudoer via la commande 

sudo su film

("film" est un utilisateur type du serveur). La commande toute simple 

su film

me refuse l'acces.

Le serveur parait bien configure. En effet :
1. la commande rpcinfo -p me dit que les services portmapper, ypserv et ypbind tournent comme il faut
2. une tentative de connexion via un tiers client Ubuntu fonctionne tres bien. Traduire : 

su film

me demande mon passwd et je me loggue correctement.

Mon petit doigt (cf. le tuto http://www.bresink.de/osx/nis.html) me dit que le pb vient de l'encryptage des mots de passe : le module client NIS ne gererait pas les mdp shadow alors que Ubuntu si!

Ci-joint la partie configurable du fichier /var/yp/Makefile

#
# Makefile for the NIS databases
#
# This Makefile should only be run on the NIS master server of a domain.
# All updated maps will be pushed to all NIS slave servers listed in the
# /var/yp/ypservers file. Please make sure that the hostnames of all
# NIS servers in your domain are listed in /var/yp/ypservers.
#
# This Makefile can be modified to support more NIS maps if desired.
#

# Set the following variable to "-b" to have NIS servers use the domain
# name resolver for hosts not in the current domain. This is only needed,
# if you have SunOS slave YP server, which gets here maps from this
# server. The NYS YP server will ignore the YP_INTERDOMAIN key.
#B=-b
B=

# If we have only one server, we don't have to push the maps to the
# slave servers (NOPUSH=true). If you have slave servers, change this
# to "NOPUSH=false" and put all hostnames of your slave servers in the file
# /var/yp/ypservers.
NOPUSH=true

# Specify any additional arguments to be supplied when invoking yppush.
# For example, the -port option may be used to allow operation with port
# based firewalls.
YPPUSHARGS=

# We do not put password entries with lower UIDs (the root and system
# entries) in the NIS password database, for security. MINUID is the
# lowest uid that will be included in the password maps. If you
# create shadow maps, the UserID for a shadow entry is taken from
# the passwd file. If no entry is found, this shadow entry is
# ignored.
# MINGID is the lowest gid that will be included in the group maps.
MINUID=100
MINGID=100

# Don't export this uid/guid (nfsnobody).
# Set to 0 if you want to
NFSNOBODYUID=65534
NFSNOBODYGID=65534

# Should we merge the passwd file with the shadow file ?
# MERGE_PASSWD=true|false
MERGE_PASSWD=false

# Should we merge the group file with the gshadow file ?
# MERGE_GROUP=true|false
MERGE_GROUP=false

# These are commands which this Makefile needs to properly rebuild the
# NIS databases. Don't change these unless you have a good reason.
AWK = /usr/bin/awk
MAKE = /usr/bin/make
UMASK = umask 066

#
# These are the source directories for the NIS files; normally
# that is /etc but you may want to move the source for the password
# and group files to (for example) /var/yp/ypfiles. The directory
# for passwd, group and shadow is defined by YPPWDDIR, the rest is
# taken from YPSRCDIR.
#
YPSRCDIR = /etc
YPPWDDIR = /etc
YPBINDIR = /usr/lib/yp
YPSBINDIR = /usr/sbin
YPDIR = /var/yp
YPMAPDIR = $(YPDIR)/$(DOMAIN)

# These are the files from which the NIS databases are built. You may edit
# these to taste in the event that you wish to keep your NIS source files
# seperate from your NIS server's actual configuration files.
#
GROUP       = $(YPPWDDIR)/group
PASSWD      = $(YPPWDDIR)/passwd
SHADOW      = $(YPPWDDIR)/shadow
GSHADOW     = $(YPPWDDIR)/gshadow
ADJUNCT     = $(YPPWDDIR)/passwd.adjunct
#ALIASES     = $(YPSRCDIR)/aliases  # aliases could be in /etc or /etc/mail
ALIASES     = /etc/aliases
ETHERS      = $(YPSRCDIR)/ethers     # ethernet addresses (for rarpd)
BOOTPARAMS  = $(YPSRCDIR)/bootparams # for booting Sun boxes (bootparamd)
HOSTS       = $(YPSRCDIR)/hosts
NETWORKS    = $(YPSRCDIR)/networks
PRINTCAP    = $(YPSRCDIR)/printcap
PROTOCOLS   = $(YPSRCDIR)/protocols
PUBLICKEYS  = $(YPSRCDIR)/publickey
RPC         = $(YPSRCDIR)/rpc
SERVICES    = $(YPSRCDIR)/services
NETGROUP    = $(YPSRCDIR)/netgroup
NETID       = $(YPSRCDIR)/netid
AMD_HOME    = $(YPSRCDIR)/amd.home
AUTO_MASTER = $(YPSRCDIR)/auto.master
AUTO_HOME   = $(YPSRCDIR)/auto.home
AUTO_LOCAL  = $(YPSRCDIR)/auto.local
TIMEZONE    = $(YPSRCDIR)/timezone
LOCALE      = $(YPSRCDIR)/locale
NETMASKS    = $(YPSRCDIR)/netmasks

YPSERVERS = $(YPDIR)/ypservers  # List of all NIS servers for a domain

target: Makefile
        @test ! -d $(LOCALDOMAIN) && mkdir $(LOCALDOMAIN) ; \
        cd $(LOCALDOMAIN)  ; \
        $(NOPUSH) || $(MAKE) -f ../Makefile ypservers; \
        $(MAKE) -f ../Makefile all

# If you don't want some of these maps built, feel free to comment
# them out from this list.

ALL =   passwd hosts group
#ALL =  passwd group hosts rpc services netid protocols netgrp
#ALL += publickey mail ethers bootparams printcap
#ALL += amd.home auto.master auto.home auto.local
#ALL += timezone locale networks netmasks

# Autodetect /etc/shadow if it's there
ifneq ($(wildcard $(SHADOW)),)
ALL += shadow
endif

# Autodetect /etc/passwd.adjunct if it's there
ifneq ($(wildcard $(ADJUNCT)),)
ALL += passwd.adjunct
endif
                                                                              
all:   $(ALL)

... et le fichier /etc/ypserv.conf

#
# ypserv.conf   In this file you can set certain options for the NIS server,
#               and you can deny or restrict access to certain maps based
#               on the originating host.
#
#               See ypserv.conf(5) for a description of the syntax.
#

# The following, when uncommented,  will give you shadow like passwords.
# Note that it will not work if you have slave NIS servers in your
# network that do not run the same server as you.

# Host                       : Domain  : Map              : Security
#
# *                          : *       : passwd.byname    : port/mangle       
# *                          : *       : passwd.byuid     : port/mangle       

# This is the default - restrict access to the shadow password file,
# allow access to all others.
#*                            : *       : shadow.byname    : port
#*                            : *       : passwd.adjunct.byname : port
#*                            : *       : *                : none
*                : *       : group.byname             : port
*                : *       : group.byuid              : port
*                : *       : passwd.byname            : port
*                : *       : passwd.byuid             : port
*                : *       : passwd.adjunct.byname    : port

Quelqu'un pourrait-il m'aider SVP ?

Merci !
P.O.

Hors ligne

#2 Le 09/01/2007, à 01:39

p.o.

Re : Serveur NIS, client OS X

Aller un petit up please!

Ya-t-il des gens qui ont reussi a integrer leur OS X a un environnement NIS gere sous Ubuntu?

Hors ligne

Pages : 1