May 16, 2011, 11:38 p.m.
posted by whitehat
Configuring the NIS Client
[[email protected] tmp]# authconfig
Once finished, it should create an /etc/yp.conf file that defines, amongst other things, the IP address of the NIS server for a particular domain. It also edits the /etc/sysconfig/network file to define the NIS domain to which the NIS client belongs.
# /etc/yp.conf - ypbind configuration file domain NIS-SCHOOL-NETWORK server 192.168.1.100 #/etc/sysconfig/network NISDOMAIN=NIS-SCHOOL-NETWORK
In addition, the authconfig program updates the /etc/nsswitch.conf file that lists the order in which certain data sources should be searched for name lookups, such as those in DNS, LDAP, and NIS. Here you can see where NIS entries were added for the important login files:
#/etc/nsswitch.conf passwd: files nis shadow: files nis group: files nis
Start the NIS Client-Related Daemons
Start the ypbind NIS client, yppasswd, and portmap daemons in the /etc/init.d directory and use the chkconfig command to ensure they start after the next reboot. Remember to use the rpcinfo command to ensure they are running correctly.
[[email protected] tmp]# service portmap start Starting portmapper: [ OK ] [[email protected] tmp]# service ypbind start Binding to the NIS domain: Listening for an NIS domain server. [[email protected] tmp]# service yppasswdd start Starting YP passwd service: [ OK ] [[email protected] tmp]# [[email protected] tmp]# chkconfig ypbind on [[email protected] tmp]# chkconfig portmap on [[email protected] tmp]# chkconfig yppasswdd on
Remember to use the rpcinfo -p localhost command to make sure they all started correctly.
Verify Name Resolution
As the configuration examples refer to the NIS client and server by their hostnames, you'll have to make sure the names resolve correctly to IP addresses. This can be configured either in DNS, when the hosts reside in the same domain, or more simply by editing the /etc/hosts file on both Linux boxes:
# # File: /etc/hosts (smallfry) # 192.168.1.100 bigboy # # File: /etc/hosts (bigboy) # 192.168.1.102 smallfry
Test NIS Access to the NIS Server
[[email protected] tmp]# ypcat passwd nisuser:$1$Cs2GMe6r$1hohkyG7ALrDLjH1:505:100::/home/nisuser:/bin/bash quotauser:!!:503:100::/home/quotauser:/bin/bash ftpinstall:$1$8WjAVtes$SnRh9S1w07sYkFNJwpRKa.:502:100::/:/bin/bash www:$1$DDCi/OPI$hwiTQ.L0XqYJUk09Bw.pJ/:504:100::/home/www:/bin/bash smallfry:$1$qHni9dnR$iKDs7gfyt..BS9Lry3DAq.:501:100::/:/bin/bash [[email protected] tmp]# [[email protected] tmp]# ypmatch nisuser passwd nisuser:$1$d6E2i79Q$wp3Eo0Qw9nFD/:504:100::/home/nisuser:/bin/bash [[email protected] tmp]# [[email protected] tmp]# getent passwd nisuser nisuser:$1$d6E2i79Q$wp3Eo0Qw9nFD/:504:100::/home/nisuser:/bin/bash [[email protected] tmp]#
Possible sources of error include:
Try to eliminate these areas as sources of error and refer to the syslog /var/log/messages file on the client and server for entries that may provide additional clues.
Test Logins via the NIS Server
Once your basic NIS functionality testing is complete, try to test a remote login. Failures in this area could be due to firewalls blocking TELNET or SSH access and the TELNET and SSH server process not being started on the clients.
Logging in via TELNET
Try logging into the NIS client via TELNET if it is enabled:
[[email protected] tmp]# telnet 192.168.1.102 Trying 192.168.1.102... Connected to 192.168.1.102. Escape character is '^]'. Red Hat Linux release 9 (Shrike) Kernel 2.4.20-6 on an i686 login: nisuser Password: Last login: Sun Nov 16 22:03:51 from 192-168-1-100. my-web-site.org [[email protected] nisuser]$
Logging in via SSH
Try logging into the NIS client via SSH:
[[email protected] tmp]# ssh -l nisuser 192.168.1.102 [email protected]'s password: [[email protected] nisuser]$
In some versions of Linux, the NIS client's SSH daemon doesn't re-read the /etc/nsswitch.conf file you just modified until SSH is restarted. SSH logins, therefore, won't query the NIS server until this is done. Restart SSH on the NIS client:
[[email protected] root]# service sshd restart Stopping sshd:[ OK ] Starting sshd:[ OK ] [[email protected] root]#