NFS Services Administrator's Guide
Troubleshooting NFS Services
Common Problems with NIS+
Chapter 8320
❏ If a user’s login password is different from the user’s secure RPC
password, the user must perform a keylogin after login in order to
become authenticated.
❏ If a user logs into a remote host that does not require a password, for
example, because it has an entry for the user in a $HOME/.rhosts or
/etc/hosts.equiv file, the user must perform a keylogin after
login in order to become authenticated.
❏ Make sure the publickey entry in the /etc/nsswitch.conf file is
set to nisplus.
❏ A user’s or host’s credentials may have become corrupted. If the user
experiencing the problem is a non-root user, tell the user to issue the
keylogout command followed by the keylogin command. If the user
experiencing the problem is a root user, tell the root user to remove
the /etc/.rootkey file and then issue the keylogout -f command
followed by the keylogin -r command.
❏ An out-of-date /etc/.rootkey file might exist. Use the ls -l
command to compare the date on the /etc/.rootkey file with the
date on the cred.org_dir table. If the /etc/.rootkey file is much
older than the cred table, it could be out of date. Run keylogin -r
as root on the problem host, and then reinitialize the host as an NIS+
client.
❏ If your server is running at security level 0, and you try to run
nispasswd to change your password, NIS+ will display an error
message saying that you do not have secure RPC credentials for the
domain.
❏ If you have changed the name of a domain, many NIS+ operations
will fail, because the old domain name is embedded in objects
throughout the domain. Do not change the name of an existing
domain. If you have already done so, change the name back to the
original. To rename a domain, create a new domain, initialize clients
in the new domain, and then remove the old domain.