Monday, June 20, 2011

Setup NIS Server


NIS Server
Build a NIS server to share user accounts across the virtual network. In the following example the NIS server is built on the host OS, like the NFS server. NIS requires the ypserv package.
First, install the ypserv package with the following command:
[root@ns ~]# yum -y install ypserv
// set domain name
[root@ns ~]# ypdomainname server-linux.info
[root@ns ~]# vi /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=ns.server-linux.info
GATEWAY=192.168.0.1
NISDOMAIN=server-linux.info  // add at the bottom of the file
[root@ns ~]# vi /var/yp/Makefile
# MERGE_PASSWD=true|false
MERGE_PASSWD=false  // line 42: change
#
# MERGE_GROUP=true|false
MERGE_GROUP=false  // line 46: change
#
all: passwd shadow group hosts rpc services netid protocols   // line 109: add shadow
// create a mail directory automatically whenever a user is added to the system
[root@ns ~]# mkdir -p /etc/skel/Maildir/cur
[root@ns ~]# mkdir -p /etc/skel/Maildir/new
[root@ns ~]# mkdir -p /etc/skel/Maildir/tmp
[root@ns ~]# chmod -R 700 /etc/skel/Maildir/
[root@ns ~]# useradd cent
[root@ns ~]# passwd cent
Changing password for user cent.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@ns ~]# /usr/lib/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS servers. ns.server-linux.info is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a <control D>.
next host to add: ns.server-linux.info
next host to add: // push Ctrl + D keys
The current list of NIS servers looks like this:
ns.server-linux.info
Is this correct? [y/n: y] y  // input ‘y’ and push Enter key
We need a few minutes to build the databases…
Building /var/yp/server-linux.info/ypservers
Running /var/yp/Makefile…
gmake[1]: Entering directory `/var/yp/server-linux.info'
Updating passwd.byname…
Updating passwd.byuid…
Updating group.byname…
Updating group.bygid…
Updating hosts.byname…
Updating hosts.byaddr…
Updating rpc.byname…
Updating rpc.bynumber…
Updating services.byname…
Updating services.byservicename…
Updating netid.byname…
Updating protocols.bynumber…
Updating protocols.byname…
Updating mail.aliases…
gmake[1]: Leaving directory `/var/yp/server-linux.info'
ns.server-linux.info has been set up as a NIS master server.
Now you can run ypinit -s ns.server-linux.info on all slave server.
[root@ns ~]# /etc/rc.d/init.d/portmap start
Starting portmap: [  OK  ]
[root@ns ~]# /etc/rc.d/init.d/ypserv start
Starting YP server services: [  OK  ]
[root@ns ~]# /etc/rc.d/init.d/yppasswdd start
Starting YP passwd service: [  OK  ]
[root@ns ~]# chkconfig portmap on
[root@ns ~]# chkconfig ypserv on
[root@ns ~]# chkconfig yppasswdd on
// The NIS database must be rebuilt as follows whenever a new user is added
[root@ns ~]# cd /var/yp
[root@ns yp]# make
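
The Makefile edits above decide where password hashes end up: with MERGE_PASSWD=false and shadow added to all:, the contents of /etc/shadow are served as a separate shadow map, while MERGE_PASSWD=true merges them into the passwd map. The script below is an added example, not part of the original post; it reads a Makefile and reports which case applies, and its function names and sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Reports which NIS map,
# if any, will carry password hashes for a given /var/yp/Makefile.

# Last active "NAME=value" assignment; "# NAME=..." comment lines are skipped.
mk_var() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([A-Za-z]*\).*/\1/p" "$1" | tail -n 1
}

# Targets on the "all:" rule: backslash continuations are joined and
# commented-out continuation lines (as in the stock Makefile) are dropped.
mk_all_targets() {
    awk '
        /^all:/ { grab = 1; sub(/^all:/, "") }
        grab {
            cont = ($0 ~ /\\[ \t]*$/)
            sub(/\\[ \t]*$/, ""); sub(/#.*/, "")
            for (i = 1; i <= NF; i++) printf "%s ", $i
            if (!cont) exit
        }' "$1"
}

audit_yp_makefile() {
    merge=$(mk_var "$1" MERGE_PASSWD)
    found=0
    case " $(mk_all_targets "$1")" in
        *" shadow "*) echo "shadow-map: hashes published as a separate shadow map"; found=1 ;;
    esac
    if [ "$merge" = "true" ]; then
        echo "passwd-map: hashes merged into the passwd map (MERGE_PASSWD=true)"; found=1
    fi
    [ "$found" -eq 1 ] || echo "none: no password hashes published"
    return 0
}

# Constructed sample reproducing the Makefile edits from this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# MERGE_PASSWD=true|false
MERGE_PASSWD=false
# MERGE_GROUP=true|false
MERGE_GROUP=false
all: passwd shadow group hosts rpc services netid protocols
EOF
audit_yp_makefile "$sample"
rm -f "$sample"
```
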
After building the NIS server, configure the clients so that they share the user accounts. The following example shows the configuration on the guest OS ‘www’.
[root@www ~]# vi /etc/sysconfig/network

NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=www.server-linux.info
GATEWAY=192.168.0.1
NISDOMAIN=server-linux.info  // add the line

[root@www ~]# vi /etc/sysconfig/authconfig

USEWINBINDAUTH=no
USEKERBEROS=no
USESYSNETAUTH=no
FORCESMARTCARD=no
USESMBAUTH=no
USESMARTCARD=no
USELDAPAUTH=no
USELOCAUTHORIZE=no
USEWINBIND=no
USESHADOW=yes
USEDB=no
USEMD5=yes
USEPASSWDQC=no
USELDAP=no
USEHESIOD=no
USECRACKLIB=yes
USENIS=yes  // change

[root@www ~]# vi /etc/yp.conf

# Valid entries are
#
# domain NISDOMAIN server HOSTNAME
#       Use server HOSTNAME for the domain NISDOMAIN.
#
# domain NISDOMAIN broadcast
#       Use broadcast on the local net for domain NISDOMAIN
#
# domain NISDOMAIN slp
#       Query local SLP server for ypserver supporting NISDOMAIN
#
# ypserver HOSTNAME
#       Use server HOSTNAME for the local domain. The
#       IP-address of server must be listed in /etc/hosts.
#
# broadcast
#       If no server for the default domain is specified or
#       none of them is rechable, try a broadcast call to
#       find a server.
#
domain server-linux.info server nfs.server-linux.info  // add the line

[root@www ~]# vi /etc/nsswitch.conf

passwd:     files nis  // line 33: add
shadow:     files nis  // add
group:      files nis  // add

#hosts:     db files nisplus nis dns
hosts:      files dns nis  // add

[root@www ~]# chkconfig ypbind on
[root@www ~]# chkconfig portmap on
[root@www ~]# reboot

www login: cent  // user name on NIS
Password:  // input password
Last login: Sun Mar 11 22:02:12 on tty1
[cent@www ~]$  // could login
[cent@www ~]$ ypwhich
nfs.server-linux.info
[cent@www ~]$ ypcat passwd
cent:x:500:500::/home/cent:/bin/bash
[cent@www ~]$ yppasswd  // change password
Changing NIS account information for cent on nfs.server-linux.info.
Please enter old password:  // input current password
Changing NIS password for cent on nfs.server-linux.info.
Please enter new password:  // input new password
Please retype new password:  // verify

The NIS password has been changed on nfs.server-linux.info.
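
The NIS domain has to be the same string in the server's configuration, in the client's /etc/sysconfig/network and in the client's /etc/yp.conf, and nsswitch.conf has to list nis for passwd, shadow and group. The following check is an added example, not part of the original post; check_nis_client and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example; check_nis_client is a hypothetical helper. ROOT holds copies
# of the client files under etc/; SERVER_DOMAIN is the server's NIS domain.
# Prints one line per problem and returns non-zero if any was found.
check_nis_client() {
    root=$1 server_domain=$2 rc=0
    dom=$(sed -n 's/^NISDOMAIN=\([^[:space:]#]*\).*/\1/p' \
        "$root/etc/sysconfig/network" | tail -n 1)
    # Only an active "domain NISDOMAIN server HOSTNAME" line counts, which is
    # the form used on this page; the commented template lines are ignored.
    ypdom=$(awk '$1 == "domain" && $3 == "server" { d = $2 } END { print d }' \
        "$root/etc/yp.conf")
    if [ -z "$dom" ]; then
        echo "sysconfig/network: NISDOMAIN is not set"; rc=1
    elif [ "$dom" != "$server_domain" ]; then
        echo "sysconfig/network: NISDOMAIN=$dom, server uses $server_domain"; rc=1
    fi
    if [ "$ypdom" != "$server_domain" ]; then
        echo "yp.conf: no 'domain $server_domain server HOST' line"; rc=1
    fi
    # Each account database must have "nis" among its sources.
    for db in passwd shadow group; do
        if ! awk -F: -v db="$db" '
                $1 == db { n = split($2, s, " ")
                           for (i = 1; i <= n; i++) if (s[i] == "nis") ok = 1 }
                END { exit !ok }' "$root/etc/nsswitch.conf"; then
            echo "nsswitch.conf: $db does not list nis"; rc=1
        fi
    done
    return $rc
}

# Constructed sample files mirroring the client settings from this page.
demo=$(mktemp -d); mkdir -p "$demo/etc/sysconfig"
printf 'HOSTNAME=www.server-linux.info\nNISDOMAIN=server-linux.info\n' \
    > "$demo/etc/sysconfig/network"
printf '# domain NISDOMAIN server HOSTNAME\n%s\n' \
    'domain server-linux.info server nfs.server-linux.info' > "$demo/etc/yp.conf"
printf '%s\n' 'passwd:     files nis' 'shadow:     files nis' \
    'group:      files nis' 'hosts:      files dns nis' > "$demo/etc/nsswitch.conf"
check_nis_client "$demo" server-linux.info && echo "client files are consistent"
rm -rf "$demo"
```
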