SUMMARY: Urgent Solstice AdminSuite host manager problem

From: Marc S. Gibian (gibian@stars1.hanscom.af.mil)
Date: Thu May 29 1997 - 07:17:01 CDT


I suddenly encountered a problem with administration of NIS+ from Solstice
AdminSuite 2.1 on Solaris 2.5.1. It turns out to have been caused by a bad
patch, corrected by backing that patch out and two others dependent on the bad
patch. The offending patch is 103612-23. I am pretty sure we had a prior
revision working, and am pretty uncomfortable running without any revision of
103612, but don't have an older version easily available.

Thanks to:
-----------
"Rudolph Wray" <rwray@hotmail.com>
mikep@gismaster.mro.usace.army.mil (Mike Penny)
Fatima Jafri <fjafri@corelan.com>

-Marc

Marc S. Gibian
Telos Comsys phone: (617) 377-6350
PRISM/TFS email: gibian@stars1.hanscom.af.mil

attached mail follows:


I have been running Solstice AdminSuite 2.1 with patch 103235-06 on Solaris 2.5
with no problems for almost a year. We now have moved to Solaris 2.5.1, but for
a variety of reasons have not yet upgraded to Solstice AdminSuite 2.2. Initially
we had been running without the 103235 patch, but today I applied 103235-08 with
no impact.

All systems I am describing are the root masters of their own NIS+ domains. The
task that fails is adding a new host via the host manager, though there are a
number of symptoms.

1. The initial problem we get is that the default NIS+ domain presented in the
host manager startup dialog, when okay is clicked, is not accepted as a valid
domain. AdminSuite is showing "xxx.yyy" as the default domain. When we append a
trailing period, to make a proper NIS+ domain name, "xxx.yyy.", and click okay,
THEN the host manager comes up. This problem with the trailing period and the
default domain does not occur on any of our Solaris 2.5 systems.

2. Once the host manager is running in the context of the NIS+ domain for which
the machine is the root master, we add a new host, specifying host name and ip
address, leaving everything else at either their default or unspecified. This
results in the host manager adding an entry to the displayed hosts for the added
hostname of type Solaris standalone. We now attempt to apply changes to actually
perform the actions needed to add this new host. After a significant delay, we
get an error back complaining that there is a mismatch between the root password
on the new host and the root master host. The interesting part of the message,
though, and the part that I believe is the cause of the problem, is that when
listing the new client, the name of the client is "client.xxx.yyy.." while the
domain is "xxx.yyy." The error here would appear to be that AdminSuite is
appending an extra trialing period to the domain name. This would be consistent
with the new behavior at host manager startup time where we have to add a
trailing period not previously needed.

The end result is that we are unable to add a new host with the host manager
under NIS+, something required for my customer's product to work. Of course, we
have a code freeze coming up soon and really need to resolve this problem.

We have tried installing Solstice AdminSuite 2.2 and saw absolutely no
difference in behavior. Sun claims there is a Solstice AdminSuite 2.3 that fixes
this, though we are arguing over whether they gave me a tape with it or not, as
well as claiming there is a patch for 2.2 to correct this problem. I have
reviewed patches for 2.2 listed on the sunsolve site and don't see anything
applicable?

Does anyone have any ideas on how we fix this problem quickly?

The exact messages returned are (with names changed):

client: Failure adding NISPLUS credentials, /usr/bin/nisaddcred: domain of
principal 'client.xxx.yyy..' does not match destination domain 'xxx.yyy.'.
Should only add DES credential of principal in its home domain
/usr/bin/nisaddcred: unable to create credential.

Mucho TIA,
Marc

Marc S. Gibian
Telos Comsys phone: (617) 377-6350
PRISM/TFS email: gibian@stars1.hanscom.af.mil



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:56 CDT