SUMMARY NIS+ setup II

From: Rasana P. Atreya (Rasana.Atreya@library.ucsf.edu)
Date: Thu Jun 20 1996 - 12:06:16 CDT


Hi!

My thanks to
From: Daniel.Blander@ACSacs.Com (Special thanks for responding each time!)
From: tindall@lgu.ac.uk
From: iv08480@issc02.mdc.com (Colin Melville)
From: hxktb0@svho1ds_1.supervalu.com (Kris Briscoe)

My original post and the responses follow.

Thanks again!
Rasana
---------------------------------------------------------------------------
Hi!

I'm trying to setup NIS+ on Solaris 2.5. Why do I get the following error?

Thank you!
Rasana

# nispopulate -F -v -d xyz.edu.

dumping passwd table...
loading credential table...
nisaddcred: need not add LOCAL entry for root <==== ERROR
nisaddcred: unable to create credential. <==== ERROR

---------------------------------------------------------------------------
From: Daniel.Blander@ACSacs.Com

User root already has been setup as part of the initialization
of your NIS+ - it is a inoculous error and can be ignored.

Root and the server system share the same "object" in your
NIS+ tree so when the server object was set up, the root
user was also - and when nispopulate goes to populate for
the user "root" in your passwd file, it finds that it already
exists.

---------------------------------------------------------------------------
From: tindall@lgu.ac.uk

Rasana,

this error is refering to the credential table that is used by NIS+ to determine
access rights to the NIS+ namespace. When you first set NIS+ up, a DES
credential is setup for root (a LOCAL credential is only required for user's not
for hosts). When you execute the nispopulate command, the machine then tries to
recreate the credential that already exists for root, which is why the error is
appearing.
   A good book on NIS+ Administration to have is All About Understanding NIS+ by
Rick Ramsey (ISBN 0-13-309576-2). It should explain a lot of the problems you
may come accross with NIS+.
   
Hope this helps.

---------------------------------------------------------------------------
From: iv08480@issc02.mdc.com (Colin Melville)

Rasana,

Take root out of the passwd file you're populating with. NIS+ uses the machines credentials vice root. (If it didn't, any root user from anywhere in the world could get into you're net).

Colin

---------------------------------------------------------------------------
From: hxktb0@svho1ds_1.supervalu.com (Kris Briscoe)

This error is not really an error, rather an iformative message. In the NIS+
realm it is not allowed to have root as an authenticated user. Roots uid is 0.
Well the way nis+ handles machines is to treat them as a user, uid=0 also. So
see it would be impossible to have 2 uid=0 users. Also would pose a security
risk.

For further reference check out the book "All about Administering NIS+" 2nd
edition. author is Rick Ramsey. ISBN is 0-13-309576-2.

This book is very well written and helps out a lot. If you are running 2.4 make
sure you have all the patches recommended in the latest sunsolve.

2.5 works superbly...most bugs have magically disappeared?...thats sun for ya.

hope this helps,
Regards,
Kris Briscoe
---------------------------------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ Rasana Atreya Voice: (415) 476-3623 ~
~ Programmer/Analyst and Red Sage Administrator Fax: (415) 476-4653 ~
~ Library & Ctr for Knowledge Mgnt, Univ. of California at San Francisco ~
~ 530 Parnassus Ave, Box 0840, San Francisco, CA 94143-0840 ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ Rasana Atreya Voice: (415) 476-3623 ~
~ Programmer/Analyst and Red Sage Administrator Fax: (415) 476-4653 ~
~ Library & Ctr for Knowledge Mgnt, Univ. of California at San Francisco ~
~ 530 Parnassus Ave, Box 0840, San Francisco, CA 94143-0840 ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:02 CDT