×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Authentication order with NIS / ypbind

Authentication order with NIS / ypbind

Authentication order with NIS / ypbind

(OP)
Hello,
Running on AIX 7.1 or AIX 7.2 here is the context:
- ypbind is running to permit NIS authentication, identification is done with NIS table auto.home.
This work fine and could not be changed yet. Tests where done with su or ssh.

- When a user try connecting, and this user is absent from auto.home (for instance a pure local user) the connection lasts for several seconds (up to 30 sec). This could lead to timeout.
- A user locally defined in /etc/passwd AND in auto.home is quickly connected. The uid in /etc/passwd and in auto.home could even be different, it is quickly connected! Only the username is relevent.

- I've tried to change /etc/security/user to force SYSTEM=files and registry=files, but the behavior was the same (former set to "compat OR LDAP")
Using truss, i've seen that when a domainname is spotted, all the auto.home table is read. The seek stops when a username is found, and it is the reason it's quicker when a local user is also defined in auto.home.
- I've tried to connect through PAM, but the behavior was the same. Not worse nor better.
- Of course, stopping ypbind, stops also this strange behavior.

Does anybody know how to avoid to read the very long (15000 records) auto.home table when a user is locally defined and does not require NIS credentials ?

Thank you

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close