This section describes NIS+ problems that a typical user might encounter.
There are many possible reasons for a user being unable to log in:
User forgot password. To set up a new password for a user who has forgotten the previous one, run passwd for that user on another machine (naturally, you have to be the NIS+ administrator to do this).
Mistyping password. Make sure the user knows the correct password and understands that passwords are case-sensitive and that the letter “o” is not interchangeable with the numeral “0,” nor is the letter “l” the same as the numeral “1.”
“Login incorrect” type message. For causes other than simply mistyping the password, see Login Incorrect Message.
The user's password privileges have expired (see Password Privilege Expiration in NIS+).
An inactivity maximum has been set for this user, and the user has passed it (see Specifying Maximum Number of Inactive Days for Users in NIS+).
The user's nsswitch.conf file is incorrect. The passwd entry in that file must be one of the following five permitted configurations:
passwd: files
passwd: files nis
passwd: files nisplus
passwd: compat
passwd: compat passwd_compat: nisplus
Any other configuration will prevent a user from logging in.
(See nsswitch.conf File Requirements for Passwords for further details.)
Symptoms:
Users who recently changed their password are unable to log in at all, or are able to log in on some machines but not on others.
Possible Causes:
It may take some time for the new password to propagate through the network. Have users try to log in with the old password.
The password was changed on a machine that was not running NIS+ (see NIS+ User Cannot Log In Using New Password).
Symptoms:
User tries to rlogin to a machine in some other domain and is refused with a “Permission denied” type error message.
Possible Cause:
To rlogin to a machine in another domain, a user must have LOCAL credentials in that domain.
Diagnosis:
Run nismatch username.domainname. cred.org_dir in the other domain to see if the user has a LOCAL credential in that domain.
Solution:
Go to the remote domain and use nisaddcred to create a LOCAL credential for the user in the that domain.
The most common cause of a user being unable to change passwords is that the user is mistyping (or has forgotten) the old password.
Other possible causes:
The password Min value has been set to be greater than the password Max value. See Setting Minimum Password Life in NIS+.
The password is locked or expired. See Login Incorrect Message and Password Locked, Expired, or Terminated.