NFS Services Administrator's Guide
Troubleshooting NFS Services
Common Problems with NIS+
Chapter 8318
If You Have Authentication or Permissions Problems
❏ Issue the following command to determine whether you are
authenticated:
niscat passwd.org_dir
If you are authenticated, you should be able to see the encrypted
password field for your user ID. If you are not authenticated, the
password field for your user ID will display *NP*.
❏ If you are not authenticated, try to keylogin using your login
password. If that does not work, try the password “nisplus”. If that
does not work, try your most recent login password.
❏ If the error you see is “Password does not decrypt sectet key,” you can
probably fix it by issuing the keylogin command. This error is
normal if you are running in a secure environment where a user’s
login password and secure RPC password are different. Users whose
login and secure RPC password should be the same can fix this error
by performing a keylogin and then issuing the following command:
/usr/lib/nis/nisclient -u
❏ If you are a root user on an NIS+ replica server, and you cannot
become authenticated, recreate the credentials for the replica, then
remove and add the replica. See “To Create New Credentials for an
Existing NIS+ Principal” on page 250, “To Remove a Replica Server
from an NIS+ Domain” on page 260, and “To Set Up NIS+ Replica
Servers” on page 222.
❏ If you are a root user on the root master server, and you cannot
become authenticated, recreate the credentials for the root master
server. See “To Create New Credentials for the Root Master Server”
on page 251.
❏ Use the niscat(1) or nismatch(1) command to make sure the cred
table contains credentials for you. If necessary, log in as an
authenticated user and issue the nisaddcred(1M) command to
create credentials for your NIS+ principal.
❏ Issue the niscat -o command to check the ownership and
permissions on the object you are trying to access. If necessary, use
the nischmod(1) command to modify the permissions on the object.