Solved

Redhat NIS and PAM

Posted on 2008-06-10
5
1,737 Views
Last Modified: 2013-12-16
I'm having a hard time finding any clear documentation on how to configure NIS to use PAM. Has anyone ever made it work out of the box? If configuring NIS and PAM is as simple as editing the proper /etc/pam.d config files, which one would it go in and what do I need to get NIS to use PAM? In particular, I'm looking to set up a password policy which includes password complexity requirements (pam_cracklib.so?), account lockout after X failed attempts, as well as a password history. Also should this be configured on the NIS master, or slave or client, or all of them? I know I could get away with login.defs for some of this but I'd like to utilize as much of PAM's power as possible.
0
Comment
Question by:gick
5 Comments
 
LVL 43

Accepted Solution

by:
ravenpl earned 250 total points
ID: 21760175
On the nis client (cause server don't have to contact nis)
- I assume You already configured the ypbind client
- configure /etc/nsswitch.conf to use nis

passwd:     files nis
shadow:     files nis
group:      files nis

- configure /etc/pwdb.conf
user:
        unix+shadow
        nis+unix+shadow
group:
        unix+shadow
        nis+unix+shadow

- pam should work without reconfiguring /etc/pam.d/ files then
0
 
LVL 10

Expert Comment

by:elf_bin
ID: 21760814
Use authconfig to configure the client for NIS.
Add the required pam modules to the pam stack in /etc/pam.d/<service> i.e.: /etc/pam.d/login on the client.  Since passwords are being changed on the client, you should add the modules you want to the pam stack on the client.

0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Each year, investment in cloud platforms grows more than 20% (https://www.immun.io/hubfs/Immunio_2016/Content/Marketing/Cloud-Security-Report-2016.pdf?submissionGuid=a8d80a00-6fee-4b85-81db-a4e28f681762) as an increasing number of companies begin to…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question