Configuring the NIS Client





Configuring the NIS Client

Now that the NIS server is configured, it's time to configure the NIS clients. There are a number of related configuration files that you need to edit to get it to work. Take a look at the procedure.

Run authconfig

The authconfig program automatically configures your NIS files after prompting you for the IP address and domain of the NIS server:

     [[email protected] tmp]# authconfig

Once finished, it should create an /etc/yp.conf file that defines, amongst other things, the IP address of the NIS server for a particular domain. It also edits the /etc/sysconfig/network file to define the NIS domain to which the NIS client belongs.

     # /etc/yp.conf - ypbind configuration file
     domain NIS-SCHOOL-NETWORK server 192.168.1.100

     #/etc/sysconfig/network
     NISDOMAIN=NIS-SCHOOL-NETWORK

In addition, the authconfig program updates the /etc/nsswitch.conf file that lists the order in which certain data sources should be searched for name lookups, such as those in DNS, LDAP, and NIS. Here you can see where NIS entries were added for the important login files:

     #/etc/nsswitch.conf
     passwd: files nis
     shadow: files nis
     group: files nis

Note

You can also locate a sample NIS nsswitch.conf file in the /usr/share/doc/yp-tools* directory.


Start the NIS Client-Related Daemons

Start the ypbind NIS client, yppasswd, and portmap daemons in the /etc/init.d directory and use the chkconfig command to ensure they start after the next reboot. Remember to use the rpcinfo command to ensure they are running correctly.

     [[email protected] tmp]# service portmap start
     Starting portmapper: [  OK  ]
     [[email protected] tmp]# service ypbind start
     Binding to the NIS domain:
     Listening for an NIS domain server.
     [[email protected] tmp]# service yppasswdd start
     Starting YP passwd service: [  OK  ]
     [[email protected] tmp]#

     [[email protected] tmp]# chkconfig ypbind on
     [[email protected] tmp]# chkconfig portmap on
     [[email protected] tmp]# chkconfig yppasswdd on

Remember to use the rpcinfo -p localhost command to make sure they all started correctly.

Verify Name Resolution

As the configuration examples refer to the NIS client and server by their hostnames, you'll have to make sure the names resolve correctly to IP addresses. This can be configured either in DNS, when the hosts reside in the same domain, or more simply by editing the /etc/hosts file on both Linux boxes:

     #
     # File: /etc/hosts (smallfry)
     #
     192.168.1.100 bigboy


     #
     # File: /etc/hosts (bigboy)
     #
     192.168.1.102 smallfry

Test NIS Access to the NIS Server

You can run the ypcat, ypmatch, and getent commands to make sure communication to the server is correct.

     [[email protected] tmp]# ypcat passwd
     nisuser:$1$Cs2GMe6r$1hohkyG7ALrDLjH1:505:100::/home/nisuser:/bin/bash
     quotauser:!!:503:100::/home/quotauser:/bin/bash
     ftpinstall:$1$8WjAVtes$SnRh9S1w07sYkFNJwpRKa.:502:100::/:/bin/bash
     www:$1$DDCi/OPI$hwiTQ.L0XqYJUk09Bw.pJ/:504:100::/home/www:/bin/bash
     smallfry:$1$qHni9dnR$iKDs7gfyt..BS9Lry3DAq.:501:100::/:/bin/bash
     [[email protected] tmp]#

     [[email protected] tmp]# ypmatch nisuser passwd
     nisuser:$1$d6E2i79Q$wp3Eo0Qw9nFD/:504:100::/home/nisuser:/bin/bash
     [[email protected] tmp]#
     [[email protected] tmp]# getent passwd nisuser
     nisuser:$1$d6E2i79Q$wp3Eo0Qw9nFD/:504:100::/home/nisuser:/bin/bash
     [[email protected] tmp]#

Possible sources of error include:

  • Incorrect authconfig setup resulting in errors in the /etc/yp.conf, /etc/sysconfig/network and /etc/nsswitch.conf files

  • Failure to run the ypinit command on the NIS server

  • NIS not being started on the NIS server or client

  • Poor routing between the server and client, or the existence of a firewall that's blocking traffic

Try to eliminate these areas as sources of error and refer to the syslog /var/log/messages file on the client and server for entries that may provide additional clues.

Test Logins via the NIS Server

Once your basic NIS functionality testing is complete, try to test a remote login. Failures in this area could be due to firewalls blocking TELNET or SSH access and the TELNET and SSH server process not being started on the clients.

Logging in via TELNET

Try logging into the NIS client via TELNET if it is enabled:

     [[email protected] tmp]# telnet 192.168.1.102
     Trying 192.168.1.102...
     Connected to 192.168.1.102.
     Escape character is '^]'.
     Red Hat Linux release 9 (Shrike)
     Kernel 2.4.20-6 on an i686
     login: nisuser
     Password:
     Last login: Sun Nov 16 22:03:51 from 192-168-1-100. my-web-site.org
     [[email protected] nisuser]$

Logging in via SSH

Try logging into the NIS client via SSH:

     [[email protected] tmp]# ssh -l nisuser 192.168.1.102
     [email protected]'s password:
     [[email protected] nisuser]$

In some versions of Linux, the NIS client's SSH daemon doesn't re-read the /etc/nsswitch.conf file you just modified until SSH is restarted. SSH logins, therefore, won't query the NIS server until this is done. Restart SSH on the NIS client:

     [[email protected] root]# service sshd restart
     Stopping sshd:[ OK ]
     Starting sshd:[ OK ]
     [[email protected] root]#


     Python   SQL   Java   php   Perl 
     game development   web development   internet   *nix   graphics   hardware 
     telecommunications   C++ 
     Flash   Active Directory   Windows