[Techtalk] NIS issues

Nicole Zimmerman colby at wsu.edu
Wed Aug 15 14:28:43 EST 2001

We have an NIS server running on the domain 'corp'. Usually we do not have
a problem connecting to the NIS server -- but there is a catch.

In the past we have always set up machines with the same hostname in linux
and windows. BUT for samba sharing sake (we use a win2k server with active
directory), we decided to go with computername for windows and
computername-linux for linux. We just set up *one* machine this way and
this one machine cannot connect to the linux YP server for authentication
(but it can find out that there IS a user by that name there). It errors
out with "authentication method failed".

On the server is a log entry that looks like:

Aug 15 07:38:04 server ypserv[218]: refused connect from
to procedure ypproc_match

I thought it might be that the server could not reverse lookup the IP to
the hostname, but I added a DNS alias to point from computername-linux to
computername (as in they are the same). So now it can reverse lookup the
IP, but it looks like computername instead of computername-linux:

> host computername-linux
computername-linux.domain.com 	CNAME 	computername.domain.com
computername.domain.com 	A

On a whim, I just changed this to be another A record (instead of a CNAME)
but since someone is working on the machine I can't have them reboot to
linux to try it.

However... looking it up in the *other* direction still refers back to
computername.domain.com and not computername-linux.domain.com:

> host
Name: computername.domain.com

So I'm doubtful that this will fix the problem either (if it is a reverse 
lookup issue).

Anyway I still don't know if that will even come close to fixing the
problem. Why would the client be able to connect to the ypserver to fetch
user information (i.e. it knew the user existed on the server) but not to
authenticate? Wouldn't a name resolution error happen *both* times (if
that were the problem)? I didn't think NIS used DNS records? Is there a
debug mode for NIS that I can use easily?

Maybe adding an entry on the server's /etc/hosts that points it right to
computername-linux will help. I donno though.

I did a google search on the error and found nothing useful. Our DNS is
done by the same windows box. Ditto DHCP.


More information about the Techtalk mailing list