| Title: | DIGITAL UNIX�(FORMERLY KNOWN AS DEC OSF/1) |
| Notice: | Welcome to the Digital UNIX Conference |
| Moderator: | SMURF::DENHAM |
| Created: | Thu Mar 16 1995 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 10068 |
| Total number of notes: | 35879 |
In Digital Unix 3.2x, under NIS and C2 environment, as mentioned in 4083, the security database need to be updated with the Master server and be pushed to slave servers each time a user login. The result is that a user cannot login when the Master server is down. This is not documented in the manual (Neither in Security nor Network config). Is this behavour(or design) remained unchanged in Digital Unix 4.0x, or any improvemnet? Regards, Feynman [Posted by WWW Notes gateway]
| T.R | Title | User | Personal Name | Date | Lines |
|---|---|---|---|---|---|
| 8917.1 | Not changed for V4.0 | NETRIX::"[email protected]" | Ann Majeske | Fri Feb 21 1997 17:35 | 12 |
The security policy implemented in Enhanced Security requires that the users account information be updated every time the user logs in. This requires that the information be updated on the NIS Master Server and pushed to the slave servers. This policy has not changed for V4.0, and probably won't change any time in the near future. If you're going to use NIS and Enhanced Security it would be a good idea to pick your most robust and physically secure system to use as the NIS master, to minimize problems caused by the NIS master going down. It would also be a good idea to invest in an uninterruptible power supply for the NIS master for the same reason. [Posted by WWW Notes gateway] | |||||
| 8917.2 | GERUND::WOLFE | I'm going to huff, and puff, and blow your house down | Tue Feb 25 1997 13:57 | 14 | |
The policy is fine but it really needs to be more clearly and prominently documented so system managers know what they must do to configure C2 NIS masters. This was entered as qar 42906 and Spider and I had some heated discussions on this issue (none of which are refected in the qar). The bottom line was supposed to be that that docs would be updated to make the restrictions clear and the qar was closed. Looking at the 4.0B docset I don't see the fixes. I'm not sure if the fixes are supposed to be in the Security book or the Networks book (where NIS stuff is) or if they missed 4.0* altogether and are slated for Steel. If slated for steel then this qar should not have been closed until the fixes were in and the restrictions should have been release noted for platinum. pete | |||||