rpc.nispasswdd daemon is an ONC+ RPC service that services password update requests from nispasswd(1). It updates password entries in the NIS+ passwd table.
rpc.nispasswdd is normally started from a system startup script after the NIS+ server (rpc.nisd(1M)) has been started. rpc.nispasswdd will determine whether it is running on a machine that is a master server for one or more NIS+ directories. If it discovers that the host is not a master server, then it will promptly exit. It will also determine if rpc.nisd(1M) is running in NIS(YP) compatibility mode (the -Yoption) and will register as yppasswdd for NIS(YP) clients as well.
ypserv and other NIS (YP) compatibility is not supported.
rpc.nispasswdd will syslog all failed password update attempts, which will allow an administrator to determine whether someone was trying to "crack" the passwords.
rpc.nispasswdd has to be run by a superuser.
Set the maximum number of attempts allowed to authenticate the caller within a password update request session. Failed attempts are syslogd(1M) and the request is cached by the daemon. After the maximum number of allowed attempts the daemon severs the connection to the client. The default value is set to 3.
Set the number of minutes a failed password update request should be cached by the daemon. This is the time during which if the daemon receives further password update requests for the same user and authentication of the caller fails, then the daemon will simply not respond. The default value is set to 30 minutes.
Debug. Run in debugging mode.
Generate DES credential. By default the DES credential is not generated for a user if who does not have one. By specifying this option, if a user does not have a credential, then one will be generated and stored in the NIS+ cred table.
Verbose. With this option, the daemon sends a running narration of what it is doing to the syslog daemon. This option is useful for debugging problems.
rpc.nispasswdd must be run with a UID of 0 and with a sensitivity label of
ADMIN_LOW. On startup, rpc.nispasswdd must inherit the
net_upgrade_sl privileges. ypserv and other NIS (YP) compatibility is not supported.
See attributes(5) for descriptions of the following attributes:
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|