10/19/2010

NIS

Build NIS Server in order to share users' accounts in local networks. It's neccessary to install ypserv for NIS. [root@ns ~]# yum -y install ypserv

[root@ns ~]# ypdomainname server-linux.info # set NIS domain
[root@ns ~]# vi /etc/sysconfig/network

NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=ns.server-linux.info
GATEWAY=192.168.0.1
# add at the bottom of file
NISDOMAIN=server-linux.info

[root@ns ~]# vi /var/yp/Makefile

# MERGE_PASSWD=true|false
# line 42: change
MERGE_PASSWD=false
#
# MERGE_GROUP=true|false
# line 46: change
MERGE_GROUP=false
#
# line 109: add
all: passwd shadow group hosts rpc services netid protocols

[root@ns ~]# vi /var/yp/securenets

host127.0.0.1
255.255.255.0192.168.0.0

# create a directory for web site automatically when a user is added in the system
[root@ns ~]# mkdir /etc/skel/public_html
[root@ns ~]# chmod 711 /etc/skel/public_html

# create a directory for email automatically when a user is added in the system
[root@ns ~]# mkdir -p /etc/skel/Maildir/cur
[root@ns ~]# mkdir -p /etc/skel/Maildir/new
[root@ns ~]# mkdir -p /etc/skel/Maildir/tmp
[root@ns ~]# chmod -R 700 /etc/skel/Maildir/

[root@ns ~]# /etc/rc.d/init.d/portmap start
Starting portmap: [ OK ]
[root@ns ~]# /etc/rc.d/init.d/ypserv start
Starting YP server services: [ OK ]
[root@ns ~]# /etc/rc.d/init.d/yppasswdd start
Starting YP passwd service: [ OK ]
[root@ns ~]# chkconfig portmap on
[root@ns ~]# chkconfig ypserv on
[root@ns ~]# chkconfig yppasswdd on

[root@ns ~]# useradd cent
[root@ns ~]# passwd cent
Changing password for user cent.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

[root@ns ~]# /usr/lib/yp/ypinit -m# update NIS database
At this point, we have to construct a list of the hosts which will run NIS servers. ns.server-linux.info is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a .
next host to add: ns.server-linux.info
next host to add: # push Ctrl + D keys
The current list of NIS servers looks like this:

ns.server-linux.info

Is this correct? [y/n: y] y# input 'y' and push Enter key
We need a few minutes to build the databases...
Building /var/yp/server-linux.info/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/server-linux.info'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/server-linux.info'

ns.server-linux.info has been set up as a NIS master server.

Now you can run ypinit -s ns.server-linux.info on all slave server.

# It's neccessary to update NIS database with following way if new user is added again
[root@ns ~]# cd /var/yp
[root@ns yp]# make

After building NIS Server, Configure on clients in order to share users' accounts

[root@www ~]# vi /etc/sysconfig/network

NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=www.server-linux.info
GATEWAY=192.168.0.1
# add at the bottom
NISDOMAIN=server-linux.info

[root@www ~]# vi /etc/sysconfig/authconfig

USEWINBINDAUTH=no
USEKERBEROS=no
USESYSNETAUTH=no
FORCESMARTCARD=no
USESMBAUTH=no
USESMARTCARD=no
USELDAPAUTH=no
USELOCAUTHORIZE=no
USEWINBIND=no
USESHADOW=yes
USEDB=no
USEMD5=yes
USEPASSWDQC=no
USELDAP=no
USEHESIOD=no
USECRACKLIB=yes
USENIS=yes# change

[root@www ~]# vi /etc/yp.conf

# Valid entries are
#
# domain NISDOMAIN server HOSTNAME
#Use server HOSTNAME for the domain NISDOMAIN.
#
# domain NISDOMAIN broadcast
#Use broadcast on the local net for domain NISDOMAIN
#
# domain NISDOMAIN slp
#Query local SLP server for ypserver supporting NISDOMAIN
#
# ypserver HOSTNAME
#Use server HOSTNAME for the local domain. The
#IP-address of server must be listed in /etc/hosts.
#
# broadcast
#If no server for the default domain is specified or
#none of them is rechable, try a broadcast call to
#find a server.
#
# add at the bottom
domain server-linux.info server nfs.server-linux.info

[root@www ~]# vi /etc/nsswitch.conf

passwd:files nis# line 33: add
shadow:files nis# add
group:files nis# add

#hosts:db files nisplus nis dns
hosts:files dns nis# add

[root@www ~]# chkconfig ypbind on
[root@www ~]# chkconfig portmap on
[root@www ~]# shutdown -r now

www login: cent# user name on NIS
Password:# password
Last login: Sun Mar 11 22:02:12 on tty1
[cent@www ~]$# just logined
[cent@www ~]$ ypwhich
nfs.server-linux.info
[cent@www ~]$ ypcat passwd
cent:x:500:500::/home/cent:/bin/bash
[cent@www ~]$ yppasswd# change password
Changing NIS account information for cent on nfs.server-linux.info.
Please enter old password:# current password
Changing NIS password for cent on nfs.server-linux.info.
Please enter new password: # new password
Please retype new password:

The NIS password has been changed on nfs.server-linux.info.

No comments:

Post a Comment