Help with setting up NIS

Scott Mitchell scott+freebsd at fishballoon.org
Thu Feb 8 16:46:43 GMT 2007 

On Wed, Feb 07, 2007 at 01:26:41AM +0000, Stephen Allen wrote:
> I'm wanting to configure my FreeBSD 6.1 server to take over the role of 
> NIS server from an aging Solaris 7 box.

Hi Stephen,

[Apologies if you get this twice - I had to resend after the original got
caught in the moderation queue for the mailing list...]

Many moons ago I got FreeBSD happily serving NIS to Linux clients... never
did the same with Solaris so please don't take this as gospel, but it might
help somewhat.

> Please let me know if I can do this a better way, but I am trying to set 
> up the BSD box as a slave NIS server first to transfer all the data, 
> then once it's transferred, just tell it it's a master?  So, when 
> creating the BSD box as a slave, running 'ypinit -s <NIS_Master> 
> <NIS_Domain>' ran almost without error.  However, when transferring some 
> maps, I see these errors:
> 
> Transfering master.passwd.byname...
> ypxfr: failed to find master of master.passwd.byname in domain cms: No 
> such map in server's domain
> ypxfr: Exiting: Could not get master server address
> Transfering master.passwd.byuid...
> ypxfr: failed to find master of master.passwd.byuid in domain cms: No 
> such map in server's domain
> ypxfr: Exiting: Could not get master server address
> Transfering rpc.byname...
> ypxfr: failed to find master of rpc.byname in domain cms: No such map in 
> server's domain
> ypxfr: Exiting: Could not get master server address
> Transfering amd.host...
> ypxfr: failed to find master of amd.host in domain cms: No such map in 
> server's domain
> ypxfr: Exiting: Could not get master server address
> 
> Are these errors the fault of the Solaris server?

I expect the problem is exactly what it says - those maps don't exist on
the Solaris server.  The master.passwd map in particular is a FreeBSD
thing that you're very unlikely to see on a non-FreeBSD NIS server unless
someone has hacked that server to generate it.  Linux uses a different map
("shadow", iirc) for shadow passwords - somewhere I have a patch for
/var/yp/Makefile to generate it from the master.passwd map.  No doubt
Solaris uses some other name for its shadow password map, if one exists at
all on your current server.

You may well end up having to use non-shadowed passwords, by uncommenting
the UNSECURE = "True" line in /var/yp/Makefile.  This should work, but does
mean that every user on your network can see the hashed passwords in your
passwd map.

> And the next step in the FreeBSD handbook says to put 
> '/usr/libexec/ypxfr passwd.byname' as a cron job.  I ran this by hand 
> (as root), and got the following error:
> 
> ypxfr: no destination domain specified and the local domain name isn't set
> ypxfr: Exiting: Request arguments bad
> 
> Can anyone tell me where I'm going wrong please?

My guess is that you really haven't set the domainname.  What does the
"domainname" command give you?

Hope that all is some help...

Best regards,

	Scott

-- 
===========================================================================
Scott Mitchell           | PGP Key ID | "Eagles may soar, but weasels
Cambridge, England       | 0x54B171B9 |  don't get sucked into jet engines"
scott at fishballoon.org | 0xAA775B8B |      -- Anon

More information about the Ukfreebsd mailing list