[CentOS] NIS expiration of passwords

Thu Jun 28 13:23:19 UTC 2012
Fabien Archambault <fabien.archambault at univ-amu.fr>

Dear all,

I have a NIS server which shares a database of users between some
computers (nodes exactly) and I would like that, on the first login,
the user changes its password.

So, on the NIS server I have made: chage -d 0 USER
# cd /var/yp
# make

On the NIS server I have:
chage -l USER
Last password change                                    : password
must be changed
Password expires                                        : password
must be changed
Password inactive                                       : password
must be changed
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

I would believe this information is shared from the server to the
other computers but here users still can connect (via SSH). If I try
to get the information on the user connected I have:
# chage -l USER
user 'USER' does not exist in /etc/passwd

This looks normal as there is no user there but then I do not know how
to enable the expiration information through NIS. Do someone has an