• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1796
  • Last Modified:

Redhat NIS and PAM

I'm having a hard time finding any clear documentation on how to configure NIS to use PAM. Has anyone ever made it work out of the box? If configuring NIS and PAM is as simple as editing the proper /etc/pam.d config files, which one would it go in and what do I need to get NIS to use PAM? In particular, I'm looking to set up a password policy which includes password complexity requirements (pam_cracklib.so?), account lockout after X failed attempts, as well as a password history. Also should this be configured on the NIS master, or slave or client, or all of them? I know I could get away with login.defs for some of this but I'd like to utilize as much of PAM's power as possible.
0
gick
Asked:
gick
1 Solution
 
ravenplCommented:
On the nis client (cause server don't have to contact nis)
- I assume You already configured the ypbind client
- configure /etc/nsswitch.conf to use nis

passwd:     files nis
shadow:     files nis
group:      files nis

- configure /etc/pwdb.conf
user:
        unix+shadow
        nis+unix+shadow
group:
        unix+shadow
        nis+unix+shadow

- pam should work without reconfiguring /etc/pam.d/ files then
0
 
elf_binCommented:
Use authconfig to configure the client for NIS.
Add the required pam modules to the pam stack in /etc/pam.d/<service> i.e.: /etc/pam.d/login on the client.  Since passwords are being changed on the client, you should add the modules you want to the pam stack on the client.

0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now