Sun Microsystems, Inc.
spacerspacer
spacer www.sun.com docs.sun.com |
spacer
black dot
 
 
A.  Error Messages Common Namespace Error Messages  Previous   Contents   Next 
   
 

The correct syntax is:

# nistbladm -m shell=/bin/csh `[name=miyoko],passwd.org_dir`

 

No memory

Your system does not have enough memory to perform the specified operation. See "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) for additional information on memory problems.

 

Non NIS+ namespace encountered

The name could not be completely resolved. This usually indicates that the name passed to the function resolves to a namespace that is outside the NIS+ name tree. In other words, the name is contained in an unknown directory. When this occurs, this error is returned with an NIS+ object of type DIRECTORY.

This message is generated by the NIS+ error code constant: NIS_FOREIGNNS. See the nis_tables or nis_names man pages for additional information.

 

No password entry for uid userid No password entry found for uid userid

Both of these two messages indicate that no entry for this user was found in the passwd table when trying to create or add a credential for that user. (Before you can create or add a credential, the user must be listed in the passwd table.)

  • The most likely cause is misspelling the user's userid on the command line. Check your command line for correct syntax and spelling.

  • Check that you are either in the correct domain, or specifying the correct domain on the command line.

  • If the command line is correct, check the passwd table to make sure the user is listed under the userid you are entering. This can be done with nismatch:

mymachine# nismatch uid=userid passwd.org_dir.

If the user is not listed in the passwd table, use nistbladm or nisaddent to add the user to the passwd table before creating the credential.

 

No shadow password information

This means that password aging cannot be enforced because the information used to control aging is missing.

 

Not found String Not found

Names context. The named object does not exist in the namespace.

Table context. No entries in the table matched the search criteria. If the search criteria was null (return all entries), then this result means that the table is empty and can safely be removed.

If the -FOLLOW_PATH flag was set, this error indicates that none of the tables in the path contain entries that match the search criteria.

This message is generated by the NIS+ error code constant: NIS_NOTFOUND. See the nis_tables and nis_names man pages for additional information.

See also "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) for general information on this type of problem.

 

Not Found no such name

This hard error indicates that the named directory of the table object does not exist. This could occur when the server that should be the parent of the server that serves the table, does not know about the directory in which the table resides.

This message is generated by the NIS+ error code constant: NIS_NOSUCHNAME. See the nis_names and nis_names man pages for additional information.

See also "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) for general information on this type of problem.

 

Not master server for this domain

This message might mean that an attempt was made to directly update the database on a replica server.

This message might also mean that a change request was made to a server that serves the name, but it is not the master server. This can occur when a directory object changes and it specifies a new master server. Clients that have cached copies of that directory object in their /var/nis/NIS_SHARED_DIRCACHE file should run ps to obtain the process ID of the nis_cachemgr, kill the nis_cachemgr process, remove the /var/nis/NIS_SHARED_DICACHE file, and then restart nis_cachemgr.

This message is generated by the NIS+ error code constant: NIS_NOTMASTER. See the nis_tables and nis_names man pages for additional information.

 

Not owner

The operation you attempted can only be performed by the object's owner, and you are not the owner.

This message is generated by the NIS+ error code constant: NIS_NOTOWNER.

 

Object with same name exists

An attempt was made to add a name that already exists. To add the name, first remove the existing name and then add the new name or modify the existing named object.

This message is generated by the NIS+ error code constant: NIS_NAMEEXISTS. See the nis_tables and nis_names man pages for additional information.

 

parse error: string (key variable)

This message is displayed by the nisaddent command when it attempts to use database files from a /etc directory and there is an error in one of the file's entries. The first variable should describe the problem, and the variable after key should identify the particular entry at fault. If the problem is with the /etc/passwd file, you can use /usr/sbin/pwck to check it.

 

Partial Success

This result is similar to NIS_NOTFOUND, except that it means the request succeeded but resolved to zero entries.

When this occurs, the server returns a copy of the table object instead of an entry so that the client can then process the path or implement some other local policy.

This message is generated by the NIS+ error code constant: NIS_PARTIAL. See the nis_tables man page for additional information.

 

Passed object is not the same object on server

An attempt to remove an object from the namespace was aborted because the object that would have been removed was not the same object that was passed in the request.

This message is generated by the NIS+ error code constant: NIS_NOTSAMEOBJ. See the nis_tables and nis_names man pages for additional information.

 

Password does not decrypt secret key for name

Possible causes:

  • You might have incorrectly typed the password.

  • There might not be an entry for name in the cred table.

  • NIS+ could not decrypt the key (possibly because the entry might be corrupt).

  • The Secure RPC password does not match the login password.

  • The nsswitch.conf file might be directing the query to a local password in an /etc/passwd file that is different from the NIS+ password recorded in the cred table. (Note that the actual encrypted passwords are stored locally in the /etc/shadow file.)

See "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) for information on diagnosing and solving these types of problems.

 

Password has not aged enough

This message indicates that your password has not been in use long enough and that you cannot change it until it has been in use for N (a number of) days.

 

Permission denied

Returned when you do not have the permissions required to perform the operation you attempted. See "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) for additional information.

This message might be related to a login or password matter, or an NIS+ security problem. The most common cause of a Permission denied message is that the password of the user receiving it has been locked by an administrator or the user's account has been terminated.

 

Permissions on the password database may be too restrictive

You do not have authorization to read (or otherwise use) the contents of the passwd field in an NIS+ table. See Chapter 15, Administering NIS+ Access Rights, for information on NIS+ access rights.

 

Please notify your System Administrator

When displayed as a result of an attempt to update password information with the passwd command, this message indicates that the attempt failed for one of many reasons. For example, the service might not be available, a necessary server is down, there is a "permission denied" type problem, and so forth. See "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)for a discussion of various types of security problems.

 

Please check your /etc/nsswitch.conf file

The nsswitch.conf file specifies a configuration that is not supported for passwd update. See "nsswitch.conf File Requirements" for supported configurations.

 

Probable success

Name context. The request was successful; however, the object returned came from an object cache and not directly from the server. (If you do not want to see objects from object caches, you must specify the flag -NO_CACHE when you call the lookup function.)

Table context. Even though the request was successful, a table in the search path was not able to be searched, so the result might not be the same as the one you would have received if that table had been accessible.

This message is generated by the NIS+ error code constant: NIS_S_SUCCESS. See the nis_tables and nis_names man pages for additional information.

 

Probably not found

The named entry does not exist in the table; however, not all tables in the path could be searched, so the entry might exist in one of those tables.

This message is generated by the NIS+ error code constant: NIS_S_NOTFOUND. See the nis_tables man page for additional information.

 

Query illegal for named table

A problem was detected in the request structure passed to the client library.

This message is generated by the NIS+ error code constant: NIS_BADREQUEST. See the nis_tables man page for additional information.

 

Reason: can't communicate with ypbind.

See "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

 

replica_update: Child process attempting update, aborted

This is a status message indicating that a read-only process attempted an update and the attempt was aborted.

 

replica_update: error result was string

This message indicates a problem (identified by string) in carrying out a dump to a replica. See "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) for further information.

 

replica_update: error result was Master server busy, full dump rescheduled replica_update: master server busy rescheduling the resync. replica_update: master server is busy will try later. replica_update: nis dump result Master server busy, full dump rescheduled

These messages all indicate that the server is busy and the dump will be done later.

 

replica_update: nis dump result nis_perror errorstring

This message indicates a problem (identified by the error string) in carrying out a dump to a replica. See "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) for further information.

 

replica_update: nnnn updates nnnn errors

A status message indicating a successful update.

 

replica_update: WARNING: last_update (directoryname) returned 0!

An NIS+ process could not find the last update time stamp in the transaction log for that directory. This will cause the system to perform a full resync of the problem directory.

 

Results Sent to callback proc

This is a status message. No action need be taken.

This message is generated by the NIS+ error code constant: NIS_CBRESULTS. See the nis_tables man page for additional information.

 

root_replica_update: update failed string: could not fetch object from master.

This message indicates a problem in carrying out a dump to a replica. See "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) for further information.

 

RPC failure: "RPC failure on yp operation.

This message is returned by ypcat when an NIS client's nsswitch.conf file is set to files rather than nis, and the server is not included in the /etc/hosts or /etc/inet/ipnodes file.

 

Security exception on local system. UNABLE TO MAKE REQUEST.

This message might be displayed if a user has the same login ID as a machine name. See "NIS Troubleshooting" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) for additional information.

 

date: hostname: sendmail (nnnn) : gethostbyaddr failed

One common cause of this problem is entering IP addresses in NIS+, NIS, files, or DNS data sets with leading zeros. For example, you should never enter an IP address as 151.029.066.001. The correct way to enter that address is: 151.29.66.1.

 

Server busy, try again

The server was too busy to handle your request.

  • For the add, remove, and modify operations, this message is returned when either the master server for a directory is unavailable or it is in the process of checkpointing its database.

  • This message can also be returned when the server is updating its internal state.

  • In the case of nis_list, if the client specifies a callback and the server does not have enough resources to handle the callback.

Retry the command at a later time when the server is available.

This message is generated by the NIS+ error code constant: NIS_TRYAGAIN. See the nis_tables and nis_names man pages for additional information.

 

Server out of memory

In most cases this message indicates a fatal result. It means that the server ran out of heap space.

This message is generated by the NIS+ error code constant: NIS_NOMEMORY. See the nis_tables and nis_names man pages for additional information.

 

Sorry

This message is displayed when a user is denied permission to login or change a password, and for security reasons the system does not display the reason for that denial because such information could be used by an unauthorized person to gain illegitimate access to the system.

 

Sorry: less than nn days since the last change

This message indicates that your password has not been in use long enough and that you cannot change it until it has been in use for N days. See "Changing Your Password" for further information.

 

_svcauth_des: bad nickname

The nickname received from the client is invalid or corrupted, possibly due to network congestion. The severity of this message depends on what level of security you are running. At a low security level, this message is informational only; at a higher level, you might have to try the command again later.

 

_svcauth_des: corrupted window from principalname

The window that was sent does not match the one sent in the verifier.

The severity of this message depends on what level of security you are running. At a low security level, this message is primarily for your information; at a higher level you might have to try the command again at some later time or take corrective action as described below.

Possible causes:

  • The server's key pair has been changed. The client used the server's old public key while the server has a new secret key cached with keyserv. Run keylogin on both client and server.

  • The client's key pair has been changed and the client has not run keylogin on the client system, so system is still sending the client's old secret key to the server, which is now using the client's new public key. Naturally, the two do not match. Run keylogin again on both client and server.

  • Network corruption of data. Try the command again. If that does not work, use the snoop command to investigate and correct any network problems. Then run keylogin again on both server and client.

 

_svcauth_des: decryption failure

DES decryption for some authentication data failed. Possible causes:

  • Corruption to a library function or argument.

  • A problem with a DES encryption chip, if you are using one.

 		 
 
  Previous   Contents   Next