Problem: It has been reported that when using a RedHat 8.2 machine to run a Centrify adnisd server, the server is not responding to broadcast attempts. This causes the ypbind service to not start on any NIS client that relies on the adnisd server. Broadcast is an option that is configured in the yp.conf file on the NIS client. But when configuring the NIS client to use a 'direct connection' to the adnisd server, the ypbind service starts and everything works as expected.
The following messages may show in the logs on a NIS client machine that is pointed at the problem adnisd server.
Oct 01 15:10:48 nisclient org.a11y.Bus: Reloaded configuration Oct 01 15:10:48 nisclient setsebool: The allow_ypbind policy boolean was changed to 1 by root Oct 01 15:10:48 nisclient dbus: [system] Reloaded configuration Oct 01 15:10:48 nisclient ypbind: Binding NIS service Oct 01 15:11:39 nisclient ypbind: Binding took 51 seconds Oct 01 15:11:39 nisclient ypbind: NIS server for domain (domain name) is not responding. Oct 01 15:11:39 nisclient ypbind: Killing ypbind with PID 21868. Oct 01 15:11:39 nisclient ypbind: Try increase NISTIMEOUT in /etc/sysconfig/ypbind Oct 01 15:11:39 nisclient systemd: ypbind.service: control process exited, code=exited status=1 Oct 01 15:11:39 nisclient systemd: Failed to start NIS/YP (Network Information Service) Clients to NIS Domain Binder.
Following troubleshooting has been performed:
1) Stop the ypbind service - (/sbin/service ypbind stop) 2) Remove all files from /var/yp/binding/ - (rm -rf /var/yp/binding/*) 3) Start the ypbind service - (/sbin/service ypbind start) 4) Disable iptables/firewalld on both the NIS client and adnisd server.
Additionally, when pointing the NIS client to an adnisd server that is on an older platform, such as RHEL 7.6, the ypbind service starts up with no issues.
Solution: Centrify Engineering has found an issue with ypserv. Redhat has confirmed there is a bug with this. Ypserv is a RedHat product. Please contact RedHat support team if you are experiencing this issue.