Solved

Redhat NIS and PAM

Posted on 2008-06-10
5
1,748 Views
Last Modified: 2013-12-16
I'm having a hard time finding any clear documentation on how to configure NIS to use PAM. Has anyone ever made it work out of the box? If configuring NIS and PAM is as simple as editing the proper /etc/pam.d config files, which one would it go in and what do I need to get NIS to use PAM? In particular, I'm looking to set up a password policy which includes password complexity requirements (pam_cracklib.so?), account lockout after X failed attempts, as well as a password history. Also should this be configured on the NIS master, or slave or client, or all of them? I know I could get away with login.defs for some of this but I'd like to utilize as much of PAM's power as possible.
0
Comment
Question by:gick
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 43

Accepted Solution

by:
ravenpl earned 250 total points
ID: 21760175
On the nis client (cause server don't have to contact nis)
- I assume You already configured the ypbind client
- configure /etc/nsswitch.conf to use nis

passwd:     files nis
shadow:     files nis
group:      files nis

- configure /etc/pwdb.conf
user:
        unix+shadow
        nis+unix+shadow
group:
        unix+shadow
        nis+unix+shadow

- pam should work without reconfiguring /etc/pam.d/ files then
0
 
LVL 10

Expert Comment

by:elf_bin
ID: 21760814
Use authconfig to configure the client for NIS.
Add the required pam modules to the pam stack in /etc/pam.d/<service> i.e.: /etc/pam.d/login on the client.  Since passwords are being changed on the client, you should add the modules you want to the pam stack on the client.

0

Featured Post

To Patch or not to Patch? That is the question!

Don't get caught out like thousands of others around the world in the recent Ransomware Fiasco!
Discuss..
- Why it's not a good idea to wait before Patching
- Sensible approaches to Patching discussed
- Add your feedback, comments and suggestions

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port Scan attack in Symantec EndPoint Protection 4 47
sed replace command 12 28
leap year shell script 10 52
IT pictures and movies to alert the staff 11 67
Ransomware continues to grow in reach and sophistication, putting data everywhere at risk. Learn how to avoid being caught in its sinister clutches with these 11 key tips.
Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying How To Identify the Scam Email You will see an email from someone you’ve had co…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question