>The various maps appear to be accessible to the clients:	
>	ypcat passwd, ypcat group, ypcat hosts show the correct info from the
>server.
>
>yptest appears to run correctly.

So `ypcat passwd' on the clients DTRT?  You have /var/yp/securenet or
wherever it live configured correctly?  Does NetBSD do
/var/yp/securenet ACLs on IP addresses for YP?

>ypwhich shows the master correctly.
>ypwhich -m shows the correct maps -vs- master.
>domainname shows the correct domain.

>On the clients
>I have appended the passwd file with +:*:0:0:::
>            and the group file with  +:*:*.
>
>
>Having said all that:
>			I cannot log into the client machines as anyone listed 
>in the
>master's hosts 			file ( anyone that is not in the client
>'s local host
>file ).  If I 			login as root and try to su to a user I get:
>					>>su - rewis 
>					>> unkown login rewis  
>	
>			It appears that the various local files ( hosts, group,
> passwd )
>are 			not being replaced or appended, respectively ( once aga
>in ypcat
>shows 
>			valid info for passwd and group).
>
>I realize this is scant information, but any help or just a place to
>start would be GREATLY appreciated ( I have 'Managing NFS and NIS' from
>O'Reilly).

If `ypcat passwd' on the clients work, they can get at the data;
they're just not using it.  What does /etc/nsswitch.conf have on the
clients for passwd?  Did someone edit it away from "passwd: compat"?