NIS Configuration Steps:
The Network Information Service, or NIS (originally called Yellow Pages or YP) is a client–server directory service protocol for distributing system configuration data such as user and host names between computers on a computer network. Sun Microsystems developed the NIS; the technology is licensed to virtually all other Unix vendors.
Because British Telecom PLC owned the name "Yellow Pages" as a registered trademark in the United Kingdom for its paper-based, commercial telephone directory, Sun changed the name of its system to NIS, though all the commands and functions still start with “yp”.
An NIS/YP system maintains and distributes a central directory of user and group information, hostnames, e-mail aliases and other text-based tables of information in a computer network. For example, in a common UNIX environment, the list of users for identification is placed in /etc/passwd, and secret authentication hashes in /etc/shadow. NIS adds another “global” user list which is used for identifying users on any client of the NIS domain.
Network Information Services (NIS) enables you to create user accounts that can be shared across all systems on your network. The user account is created only on the NIS server. NIS clients download the necessary username and password data from the NIS server to verify each user login.
An advantage of NIS is that users need to change their passwords on the NIS server only, instead of every system on the network. This makes NIS popular in computer training labs, distributed software development projects or any other situation where groups of people have to share many different computers.
The disadvantages are that NIS doesn't encrypt the username and password information sent to the clients with each login and that all users have access to the encrypted passwords stored on the NIS server. A detailed analysis of NIS security is beyond the scope of this book, but I suggest that you restrict its use to highly secure networks or to networks where access to non-NIS networks is highly restricted.
Real Time Example:
§ The main Linux server, nismaster (192.168.1.222), has a large amount of disk space and will be used as both the NIS server and NFS-based file server for the Linux PCs in this example.
§ Users logging into the PCs will be assigned home directories on nismaster and not on the PCs themselves.
§ Each user's home directory will be automatically mounted with each user login on the PCs using NFS.
§ To configure the NIS client and NFS client, we are using the nisslave (192.168.1.223).
§ The suite of NIS RPMs have been installed on the server and client: ypserve and yp-tools are on the server, and ypbind and yp-tools are on the client.
An implementation plan:
1. Configure nismaster as an NFS server to make its /home directory available to the Linux workstations.
2. Configure nisslave as an NFS client that can access bigboy's /home directory.
3. Configure nismaster as an NIS server.
4. Create a user account (testsenthil) on nismaster that doesn't exist on nisslavey. Convert the account to a NIS user account.
5. Configure nisslave as an NIS client.
6. Test a remote login from nisslave to nismaster using the username and password of the account testsenthil.
First check the ypserver packages are installed or not.
To check this use the following command:
rpm -qa | grep yp
Check the following daemons are running.
service xinetd status
service portmap status
rpcinfo -p <ipaddress>
Configure the NFS server.
The main NFS configuration file is /etc/exports
Edit the /etc/exports file and add which filesystem to export.
Add the /home filesystem and access from any system with read write.
/home * (rw, sync)
Now start the NFS daemon.
service nfs start
exportfs command used to list the exported filesystem in /etc/exports file.
rpcinfo -p 192.168.1.222
Now all the nfs, mountd and lockd are running successfully.
The main NIS configuration file is /etc/ypserv.conf.
Edit the ypserv.conf file.
Edit and add the nisdomain name in /etc/sysconfig/network file.
Now check the ypserv daemon is running or not using the following command.
service ypserv status
service ypserv start
Check the NISdomainname using the following command.
Now start the ypbind daemon.
service ypbind start
Start the yppasswdd and ypxfrd daemons.
service yppasswdd start
service ypxfrd start
If you want to start all the daemons, while booting time then do the following commands.
chkconfig portmap on
chkconfig nfs on
chkconfig ypserv on
chkconfig ypbind on
chkconfig yppasswd on
chkconfig ypxfrd on
List the rpcinfo -p 192.168.1.222
The nis files are stored in /var/yp/nisdomainname
Now we move on to client side and do the following commands.
The host name of the client is nisslave and the ipaddress is 192.168.1.223
Now we are checking the user's home directory.
We need to configure the autofs in the client side. For this we need to edit /etc/auto.home and /etc/auto.master files.
Add the following contents.
Edit the /etc/auto.home file and the add the contents.
Now start the autofs daemon.
service autofs start.
Use the mount to list the mounted file system.
Listing the home directories. As of now we don't have any users.
To configure a NIS client use the following command.
select the NIS Authentication.
Provide the nisdomainanme and ipaddress of the NIS master server.
Now start the ypbind daemon.
service ypbind start
rpcinfo -p 192.168.1.223
Now ypbind is running.
ypwhich command lists the nis server information.
Now in the NIS master server side, create the new user account.
The user created successfully.
Now check in the nis client system, we don't have user called testsenthil.
If trying log in, which is failed.
If any changes in the nis master server, we need to run the make command.
Now the passwd changes are mapped.
Now the testsenthil user able to login in the remote server.
The only user's home directory alone mounted in home. (Help of autofs)
Now user has logged in.