Mac OS X 10.5/6, authenticate against by NIS or LDAP when both servers have your username

Posted by Wang on Server Fault See other posts from Server Fault or by Wang
Published on 2010-05-19T05:21:04Z Indexed on 2010/05/19 5:31 UTC
Read the original article Hit count: 281

Filed under:

nis

|

ldap

|

macosx

We have an organization-wide LDAP server and a department-only NIS server. Many users have accounts with the same name on both servers. Is there any way to get Leopard/Snow Leopard machines to query one server, and then the other, and let the user log in if his username/password combination matches at least one record?

I can get either NIS authentication or LDAP authentication. I can even enable both, with LDAP set as higher priority, and authenticate using the name and password listed on the LDAP server. However, in the last case, if I set the LDAP domain as higher-priority in Directory Utility's search path and then provide the username/password pair listed in the NIS record, then my login is rejected even though the NIS server would accept it.

Is there any way to make the OS check the rest of the search path after it finds the username?

© Server Fault or respective owner

Related posts about nis

NIS user not being added to NIS group

as seen on Server Fault - Search for 'Server Fault'
I have set up a NIS server and several NIS clients. I have a user and a group on the NIS server like so: /etc/passwd: myself:x:5000:5000:,,,:/home/myself:/bin/bash /etc/group: fishy:x:3001:otheruser,etc,myself,moreppl I imported the users and groups on the NIS client by adding +:::::: to /etc/passwd… >>> More
NIS client cannot find NIS server (Opensuse)

as seen on Server Fault - Search for 'Server Fault'
I installed NIS server on head node of a virtual cluster(VirtualBox). One of the node (let's say node-1) can find NIS server and work with it, but another node (node-2) just can't find the NIS server in Yast while it can ping and ssh to both head node and node-1. BTW, all the nodes are VMs, head node… >>> More
NIS password mapping question

as seen on Stack Overflow - Search for 'Stack Overflow'
I have NIS server with user "techsupport", which has uid/gid = 517 I've configured NIS and NFS on that server, as well as NFS/NIS client on the remote web server. Now I need to techsupport user to be able to login to web server using techsupport username, but HAVE root privileges. I need this,… >>> More
Can I use netgroup at an NIS Client (Redhat) to restrict access to it?

as seen on Server Fault - Search for 'Server Fault'
Our company has a central NIS configuration that we are using to access our teams servers (Redhat)... The current configuration allows all valid NIS authenticated users to connect to our servers. We cannot update or change something on the NIS Master Server... so... Is there a way to use netgroups… >>> More
Password rules for yppasswd

as seen on Server Fault - Search for 'Server Fault'
Hello all, I have a NIS master-slave setup and I would like to improve the password rules/complexity for it. Seems like if I introduce new rules to the NIS Master they are applicable only from there. What I mean: I want minimal password length of 9 characters. On the NIS master if I run 'passwd' it… >>> More

Related posts about ldap

NetApp FAS 2040 LDAP Win2k8R2

as seen on Server Fault - Search for 'Server Fault'
I am trying to get my FAS2040 to action user lookups using LDAP, below is the filer configuration options: filer> options ldap ldap.ADdomain dc1.colour.domain.local ldap.base OU=Users,OU=something1,OU=something2,OU=darkside,DC=colour,DC=domain,DC=local ldap.base… >>> More
Ubuntu 12.04 Preseed LDAP Config

as seen on Server Fault - Search for 'Server Fault'
I'm trying to deploy Ubuntu 12.04 via xCAT, everything works except the automatic configuration of LDAP, the preseed file is read but the file /etc/nsswitch is not written properly. My Preseed File: [...] ### LDAP Setup nslcd nslcd/ldap-bindpw password ldap-auth-config ldap-auth-config/bindpw password ldap-auth-config… >>> More
NetApp FAS 2040 LDAP Win2k8R2

as seen on Server Fault - Search for 'Server Fault'
I am trying to get my FAS2040 to action user lookups using LDAP, below is the filer configuration options: filer> options ldap ldap.ADdomain dc1.colour.domain.local ldap.base OU=Users,OU=something1,OU=something2,OU=darkside,DC=colour,DC=domain,DC=local ldap.base… >>> More
Apache+LDAP auth on Ubuntu says "Can't contact LDAP server" while ldapsearch is perfect

as seen on Server Fault - Search for 'Server Fault'
Hi Gurus, I'm migrating from an existing apache+LDAP+mysql+php server to a new hardware platform. Old server is running Debian Lenny, which I have no config documentation available (was done by previous sysadmin); New server is running Ubuntu 10.04.2 LTS 32bit. After installing Apache and configured… >>> More
Spring security ldap: no declaration can be found for element 'ldap-authentication-provider'

as seen on Stack Overflow - Search for 'Stack Overflow'
Following the spring-security documentation: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ldap.html I am trying to set up ldap authentication (very simple - just need to know if a user is authenticated or not, no authorities mapping needed) and have put this in my applicationContext-security… >>> More