Solved

Can't log on to NIS

Posted on 2002-04-29
27
507 Views
Last Modified: 2010-03-17
Ok, I setup and NIS server and one client.  The client binds to the domain ok, but when I try to login with an nis user name/password, it says:

Session setup problem, abort.

Any idea what this is or how to fix it?
0
Comment
Question by:packratt_jk
  • 13
  • 7
  • 7
27 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6979848
what does  ypwhich  report on the client?
what are the entries for passwd and shadow in /etc/nsswitch.conf?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6980434
That sounds supiciously like a permissions problem on the user's home dir that's preventing some part of the X startup form completing. Can this user log in on the clinet from the console and if so do they have a home dir and can write to it? Is your NIS environment using auto mounted home dirs?
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6981464
ypwhich reports the ip address of the nis server.
/etc/nsswitch.conf (client) is as follows:

passwd: compat
shadow: compat
group: compat
hosts: nis files dns
networks: nis files dns
ethers: nis files
protocols: nis files
rpc: nis files
services: nis files

The same problem happens when I try to login to a console.  The users do not have a home directory on the client, so it looks like jlevie is on the right track.  I assume in this case that I should mount /home  on the nis server to /home on the clients but how?  NFS??

Please explain how I set this up.

Thanks
0
 
LVL 40

Accepted Solution

by:
jlevie earned 250 total points
ID: 6981770
You could export /home on the server and mount that on the client, but a bettwe and more flexible solution would be to use an auto mount table. That way the definition on the users home dir is controlled server side and you don't have to make sure that the resource is available when each client boots. The automounter will mount and unmount each user's home dir on demand.

You would need to make sure that autofs is installed and enabled at boot on each client and that you include an auto.home map in your NIS configuration.
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6981905
Ok, that makes sense, but where do I make the auto.home map and how do I force the NIS server to use it?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6981924
> .. do I make the auto.home map and how do I force the NIS server to use it.

simply add a line like follows to /etc/auto.net (assuming that auto.net is used in /etc/auto.master):

/home -fstype=nfs your-server:/exported/share/name/for/home

(I recommend to remove the x-bits from all /etc/auto.* files, except you know what you're doing:)
Then restart autofs.

When you say "force the NIS server to use it", do you mean the auto.net file, or the /home directory?
For /home directory, see above.
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6981962
Ok, I assume I'm editting these files on the clients, but I can't seem to be able to find them anywhere, on the clients or on the server.  I don't seem to have any /etc/auto* files at all, nor am I able to find an autofs program.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6982031
sounds like there is no automounter installed.
I suggest to use simple mount, just add an appropriate line to /etc/fstab, then mount it.
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6982077
Ok, I read in the NFS how to that I can just add the entry to /etc/fstab.  Is there any downside to doing it that way?
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6982240
Well, I added the entry to fstab and I can now see the mapped /home drive, but the directories there (one per user) are not accessible (permission denied).  What am I missing here?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6984078
Mounting the server's export via fstab will work, but it isn't very flexible in that it's not easy to use multiple file servers. There's also the problem of clients hanging at boot or shutdown if the server isn't up and running at that time (using intr on the mount flags helps). Using an auto.home map and autofs on the clients is the classic solution, which avoids those complications.

In an auto.home scenario one normally stores user dirs on a mount point other than /home. Personally I use /nfs0, /nfs1, etc. On the server /home is simply a directory for the automounter to use. The home dir area(s) are exported out to all clients with:

/nfs0    (rw,root_squash)

If you are in a less than trustworthy environment you may wish to impose access restrictions to just those system that are members of the NIS domain. That's easy to do with netgroups.

The auto.home file contains an entry for each user like:

user1     server:/nfs0/user1-dir
user2     server:/nfs0/user2-dir

And there are other things one can do there. For example I maintain a PD source repository that I'd like to be able to access on multiple systems. It lives on a another system, not the file server, so my auto.home contains:

user1     server.dom.tld:/nfs0/user1-dir
user2     server.dom.tld:/nfs0/user2-dir
src       other-box.dom.tld:/nfs1/sources

Since all of this is "smoke and mirrors", no changes on the client are required if something needs to be moved from one server to another. Just change move the data, change the auto.home map and the clients see it.

   
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6984258
ok, so the auto.home map is on the server and gets pushed to the nis clients?
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6984631
Ok, let me see if i understand this.

1) add the auto.home map to the nis server.
2) when a user logs in via nis, the map gets transfered to the client and the appropriate directories automount.

Do i have this right?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 51

Expert Comment

by:ahoffmann
ID: 6985346
I would recommend to have the automounter files *not* handled by NIS, but manage them locally on each client (or simply add one line in /etc/fstab).
If there is a problem in NIS or automounter, you're searching a long time for the reason, usually, believe me .. (it worked fine in homogenous SunOS and/or Solaris, but Linux is a bit nasty here)
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6986754
packratt_jk,

Right, you modify the NIS Makefile to include automount maps and populate the files. Then the NIS clients can automagically see the data. The autofs implementaion in 7.x will look for a NIS map and use that data if it's available. RH 6.2 needs a +auto.home in /etc/auto.home, if memory serves.

ahoffman,

I've got networks using NIS hosted on Solaris, IRIX, and Linux and clients ranging from RH 6.2-7.3beta. We've never had any problem getting the clients to use the NIS automount maps in any of those networks.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6986932
jlevie, didn't say that it is impossible in heterogenous networks, just that unexperianced networkers may have difficulties debugging problems ther.
It was just a hint to keep it simple 'til it works.
Sorry for confusion.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6987014
Oh, okay. It sounded like you were alluding to some problem with the Linux NIS or autofs that I wasn't aware of. I personally think that it's less of a problem to use a NIS map than it is to use files on the clients. The chances of the various clients getting out of sync with the server(s) is greater and it's not as obvious to the inexperienced what's wrong. And then there's the auto_home/auto.home file name differences on Solaris systems...
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6987092
well, if there is an experianced admin, agreed ;-)

packratt_jk, sorry for being a bit off-topic
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6987544
It's ok - sorry for being a little confused.

I understand the concept here, I'm just having problems setting it up.  I understand that I need to have these maps pushed to the clients, but i don't understand how to make these maps or how to have the nis server pass them on to the clients.  Please explain what I need to to on the nis server to make this happen.

Thanks,
pack
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6987547
>>Right, you modify the NIS Makefile to include automount maps and populate the files.

where is this file and what do I need to change to make automounting work?

>>The autofs implementaion in 7.x will look for a NIS map and use that data if it's available.

I installed RH 7.2 on the clients to ensure this type of operability.


So, I just need to modify the makefile on the server to include automount maps.  Those maps then get pushed to (or pulled from) the nis clients and are automounted.  Right?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6988042
on your NIS master (or slave) server you need a database of these files. This database is simply a directory with an Makefile, /var/yp usually (not shure for RH).
In the Makefile you have to specify the maps, how they are generated (Makefile dependencies) and how they are distributed.
You need to deside if you want them to be pushed from NIS server to NIS clients, or pulled by clients from server.
Then you need to initialize the NIS master server, check the files in /var/yp/ (or wherever the database is by default).
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6988813
what are the advantages/disadvantages of server-push vs client-pull?
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6989230
Ok, I put the home mappings on the back burner until I can get that figured out.  In the meantime, I mounted manually with a mount command at boot.  The clients can now log in and X boots, but it runs extremely slow.  There doesn't seem to be any extreme amounts of network traffic, yet KDE takes over 5 minutes to boot.  I tried logging in with a non NIS account (root), and everything works normally.  Is nfs just really slow or do I have something setup wrong?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6992271
Something is wrong. With the home dir area already mounted logins should be almost as fast with an NFS mounted home as they are to a local disk (assuming a reasonably loaded network).

There could be a network problem and the first thing I'd look at would be to see if I had a link speed/mode mis-negotitation, which can easily happen when you have 10/100 NICs and 10/100 hubs or switches. A quick and dirty (and very reliable) indicator is to attempt an FTP transfer between the server an a client of a 2-5Mb file in both directions. If there's a link problem you'll see very low data rates, usually in the 10's of Kb/sec or lower. On the other hand, if everything is right you should get about 600-800Kb/sec for a 10Mbps link or 6-8Mb/sec for a 100Mbps link.

The fix for a link mis-negotiation problem is to force one or both ends of the link to a fixed speed/mode. Exactly how that's done depends on what NIC's are in use and whether you have a switch (and what kind) or a hub.
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6994850
Wow, that works great!  I checked ifconfig on the client and it had thousands of bad rx packets, so I swapped out the cable and now it works as expected.  I would still like to get the automounting to work, but I will post that in a different thread.

Thanks!
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6995649
If I get time in the next day or so I'll document the process that I use to configure NIS for a classical environment with automounted home dirs. I'll post that in this question.
0
 
LVL 3

Author Comment

by:packratt_jk
ID: 6999391
Well, I already posted a new question about that here: http://www.experts-exchange.com/jsp/qManageQuestion.jsp?ta=linuxnet&qid=20298028

so prolly better to post it there.

Thanks though, I look forward to using the automounting :)
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now