[Techtalk] NIS issues
Nicole Zimmerman
colby at wsu.edu
Wed Aug 15 14:28:43 EST 2001
We have an NIS server running on the domain 'corp'. Usually we do not have
a problem connecting to the NIS server -- but there is a catch.
In the past we have always set up machines with the same hostname in linux
and windows. BUT for samba sharing sake (we use a win2k server with active
directory), we decided to go with computername for windows and
computername-linux for linux. We just set up *one* machine this way and
this one machine cannot connect to the linux YP server for authentication
(but it can find out that there IS a user by that name there). It errors
out with "authentication method failed".
On the server is a log entry that looks like:
Aug 15 07:38:04 server ypserv[218]: refused connect from 192.168.1.56:1037
to procedure ypproc_match
I thought it might be that the server could not reverse lookup the IP to
the hostname, but I added a DNS alias to point from computername-linux to
computername (as in they are the same). So now it can reverse lookup the
IP, but it looks like computername instead of computername-linux:
> host computername-linux
computername-linux.domain.com CNAME computername.domain.com
computername.domain.com A 192.168.1.56
On a whim, I just changed this to be another A record (instead of a CNAME)
but since someone is working on the machine I can't have them reboot to
linux to try it.
However... looking it up in the *other* direction still refers back to
computername.domain.com and not computername-linux.domain.com:
> host 192.168.1.56
Name: computername.domain.com
Address: 192.168.1.56
So I'm doubtful that this will fix the problem either (if it is a reverse
lookup issue).
Anyway I still don't know if that will even come close to fixing the
problem. Why would the client be able to connect to the ypserver to fetch
user information (i.e. it knew the user existed on the server) but not to
authenticate? Wouldn't a name resolution error happen *both* times (if
that were the problem)? I didn't think NIS used DNS records? Is there a
debug mode for NIS that I can use easily?
Maybe adding an entry on the server's /etc/hosts that points it right to
computername-linux will help. I donno though.
I did a google search on the error and found nothing useful. Our DNS is
done by the same windows box. Ditto DHCP.
-nicole
More information about the Techtalk
mailing list