Installing and Configuring NIS in Linux
NIS or Network Information Service is a protocol for information centralization of client / server (server concept with master / slave) developed by Sun. NIS provides a centralized master server on a certain type of information, we will look on the centralization of users and passwords (passwd) and hosts. To complete the installation, we will need at least three machines (virtual or physical) running CentOS 5.5 or Red Hat Enterprise Linux 5.5, 32 or 64 bits. Make sure all machines have a correct DNS configuration, to prevent resolution errors at first boot NIS.
Installation
On the master server run this command to install packages necessary for running NIS:
# Yum install ypserv yp-tools ypbind portmap
The packages are now installed, go to the configuration of the NIS server.
Re: Installing and Configuring NIS in Linux
Configuration
First we must include the master server in the NIS domain, why publish the file / etc / sysconfig / network:
# Vi / etc / sysconfig / network
Add this line to the end:
Nisdomain = "mydomain.com"
We declare the NIS master server as a client itself by editing / etc / yp.conf:
# Vi / etc / yp.conf
We add this line to that file, 127.0.0.1 corresponding to the local loop:
ypserver 127.0.0.1
This part is configured, we can start the portmap (converts RPC program numbers into port numbers software DARPA), yppasswdd (daemon for changing the password of a user on the NIS master server from the client NIS) and ypserv (NIS daemon server principal).
# Service portmap start
# Service yppasswdd home
# Service ypserv start
Let us not forget to add these services to boot:
# Chkconfig portmap is
# Chkconfig is yppasswdd
# Chkconfig ypserv
To verify that the services are running correctly, run the rpcinfo command and verify that each process is listed:
# Rpcinfo-p localhost
program to proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100009 1 udp 681 yppasswdd
100004 2 udp 698 ypserv
100004 1 udp 698 ypserv
100004 2 tcp 701 ypserv
100004 1 tcp 701 ypserv
Now initialize our NIS domain by running the utility ypinit:
# / M-usr/lib64/yp/ypinit
Our NIS domain is configured, the services are starting ypbind (NIS client daemon) and ypxfrd (daemon allowing rapid transfer of large NIS maps):
# Service ypbind start
# Service ypxfrd home
The NIS master server is now installed and configured, install a NIS slave server (optional, depending on your network architecture).
Re: Installing and Configuring NIS in Linux
NIS Client Configuration :
Run the command authconfig. This command will configure the system to use NIS. Replace the arguments nisdomain, nisserver by values specific to your infrastructure. If I want to associate my machine NIS slave server when I specify IP address on the slave server for the argument nisserver.
# Authconfig - enableshadow - enablenis - nisdomain = mydomain.com - nisserver = 192.168.0.200-update
Let's start the portmap and ypbind not forget to add them to boot :
# Service portmap start
Starting portmapper: [OK]
# Service ypbind start
Binding To The NIS domain:
Listening For An NIS domain server.
# Chkconfig ypbind is
# Chkconfig portmap is
To verify access to the NIS server, run the command ypcat passwd, passwd entry will list the master server. Users test, test2, test3, test4 were created specifically on the master server to verify that the customer list:
# Passwd ypcat
test: $ $ $ 1 Tqofoi0E TwWUHrJDTFHcaSAg2qFQC0: 500:500:: / home / test: / bin / bash
test2: $ $ $ 1 sLUwtdB6 32n6IK2OqY1dbFCdW7BU21: 501:501:: / home/test2: / bin / bash
test3: $ 1 USD. XHW.qNf 3R0QIk48Sdrtou5c4RU $ / t /: 502:502:: / home/test3: / bin / bash
test4: $ 1 $ R / $ vbkqcX YeGEGm3mocjTfm3Y./07T0: 503:503:: / home/test4: / bin / bash
Now you can authenticate the client machine via SSH (for example) using user accounts created on the NIS master server. But be careful, you will not / home for your user on the client machines (except in the case of integration of NFS), you can fix it with the following commands initiated on the client machine, but records will not be synchronized:
Code:
# Mkdir / home/test4
# Chmod 700 / home/test4 /
# Ll / home
total 2
drwx ------ 2 1024 users test4 test4 Aug 4 8:05
# Cp / etc / skel / .* / home/test4 /
cp: omitting directory `/ etc / skel /."
cp: omitting directory `/ etc / skel / .. '
cp: omitting directory `/ etc / skel / .kde '
# Chown-R test4: users / home/test4
You can also try to ping a machine registered in the hosts file of the NIS master server:
Code:
# Ping-nis centos-4
PING centos-nis-4.mydomain.com (192.168.0.203) 56 (84) bytes of data.
64 bytes from centos-nis-4.mydomain.com (192.168.0.203): icmp_seq = 1 ttl = 64 time = 0643 ms
--- Centos-nis-4.mydomain.com ping statistics ---
1 Packets Transmitted, Received 1, 0% packet loss, time 0ms
rtt min / avg / max / mdev = 0.512/0.652/0.735/0.091 ms
The NIS client is now configured. :thumbup1:
Re: Installing and Configuring NIS in Linux
Problem Solving
- During "ypinit" if you get the following error:
failed to send 'clear' to local ypserv: RPC: Port mapper failure group.bygid Updating ...
Delete the file / var / yp / mydomain.com and restart portmap, ypserv yppasswdd and on the master server.
- On the slave server, while "ypinit" if your database is corrupted or that your / etc / hosts is incorrect, you get an error enumerating the map "Can not enumerate maps from nis-centos-1 . Please Check That It Is Running.. " Use the command "make" in / var / yp on the master server to rebuild the NIS database.
- Run the command yppasswdd the wrong client or server (depending on the configuration of your server master and slave), may cause segfaults.
- Always use the commands ypmatch, ypwhich, getent to verify connectivity NIS.
- Remember to create a home folder for each user, set its permissions and copy the file / etc / skel. If you forget, your users will not be able to create files in their home folder and you may get errors in authentication.
