Credential-related information, such as public keys, is stored in many locations throughout the namespace. NIS+ updates this information periodically, depending on the time-to-live values of the objects that store it, but sometimes, between updates, it gets out of sync. As a result, you may find that operations that should work, don't work. Table 24–2 lists all the objects, tables, and files that store credential-related information and how to reset it.
Table 24–2 Where NIS+ Credential-Related Information Is Stored
Item |
Stores |
To Reset or Change |
---|---|---|
cred table |
NIS+ principal's secret key and public key. These are the master copies of these keys. |
Use nisaddcred to create new credentials; it updates existing credentials. An alternative is chkey. |
Directory object |
A copy of the public key of each server that supports it. |
Run the /usr/lib/nis/nisupdkeys command on the directory object. |
Keyserver |
The secret key of the NIS+ principal that is currently logged in. |
Run keylogin for a principal user or keylogin -r for a principal machine. |
NIS+ daemon |
Copies of directory objects, which in turn contain copies of their servers' public keys. |
Stop the rpc.nisd daemon and the cache manager by disabling the NIS+ service, and then remove NIS_SHARED_DIRCACHE from /var/nis. Then restart the NIS+ service. |
Directory cache |
A copy of directory objects, which in turn contain copies of their servers' public keys. |
Restart the NIS+ cache manager with the -i option. |
Cold-start file |
A copy of a directory object, which in turn contains copies of its servers' public keys. |
Stop the NIS+ service. Remove the NIS_COLD_START and NIS_SHARED_DIRCACHE files from /var/nis. Restart the NIS+ service. |
passwd table |
A user's password or a machine's superuser password. |
Use the passwd -r nisplus command. It changes the password in the NIS+ passwd table and updates it in the cred table. |
passwd file |
A user's password or a machine's superuser password. |
Use the passwd -r nisplus command, whether logged in as superuser or as yourself, whichever is appropriate. |
(NIS) |
A user's password or a machine's superuser password. |
Use passwd -r nisplus. |