Configuring NIS under Red Hat Linux
做了一个下午的NIS服务器 做的蛋都快碎了 最近忙 一直没更新 见谅。现与大家分享下午的成果,这个可是我找了好久找到的-.- 国内的文章很多都是错的 蛋疼 英文的 没翻译 大家凑合着看吧。
The following describes a procedure to set up NIS network name service under Red Hat Linux. This is geared toward a small intallation with only one domain. However, it should be fairly evident how to add more NIS domains. The NIS domain name has nothing to do with any DNS naming convention being used.
In these examples, the following conventions are used:
NIS domain: “internal”
Code or configuration file data: colored
Root prompt on NIS master server: master#
Root prompt on NIS client host: client#
Setting up a NIS master server:
Required packages: yp-tools ypbind ypserv portmap
Set up “time” service to run via inetd/xinetd, or configure xntpd, or otherwise make sure the host’s clock is synchronized.
Edit /etc/yp.conf:
|
1 |
domain internal server ip.of.nis.server |
Edit /etc/ypserv.conf:
|
1 2 3 4 5 |
dns: no files: 30 xfr_check_port: yes * : * : shadow.byname : port * : * : passwd.adjunct.byname : port |
Edit /etc/sysconfig/network:
|
1 |
NISDOMAIN=internal |
Set NIS domain name:
|
1 2 |
<strong>master#</strong> domainname internal <strong>master#</strong> ypdomainname internal |
Create file /var/yp/securenets:
|
1 2 |
host 127.0.0.1 255.255.255.0 10.0.0.0 |
Make sure the “portmap” service is running:
|
1 2 |
<strong>master#</strong> service portmap start <strong>master#</strong> chkconfig portmap on |
Portmap will need a rule in /etc/hosts.allow to allow access from localhost and any hosts that need to access NIS.
Start ypserv service:
|
1 |
<strong>master#</strong> service ypserv start |
Check that it’s listening:
|
1 |
<strong>master#</strong> rpcinfo -u localhost ypserv |
You should see:
|
1 2 |
program 100004 version 1 ready and waiting program 100004 version 2 ready and waiting |
Initialize the NIS maps:
|
1 |
<strong>master#</strong> /usr/lib/yp/ypinit -m |
Specify local hostname, Ctrl-D, y, let finish.
Start up ypbind, yppasswdd, ypxfrd:
|
1 2 3 |
<strong>master#</strong> service ypbind start <strong>master#</strong> service yppasswdd start <strong>master#</strong> service ypxfrd start |
Set YP services to run on boot-up:
|
1 2 3 4 |
<strong>master#</strong> chkconfig ypserv on <strong>master#</strong> chkconfig ypbind on <strong>master#</strong> chkconfig yppasswdd on <strong>master#</strong> chkconfig ypxfrd on |
NIS client host setup
Required packages: yp-tools ypbind portmap
Edit /etc/sysconfig/network:
|
1 |
NISDOMAIN=internal |
Edit /etc/yp.conf:
|
1 |
domain internal server ip.of.master.server |
Edit /etc/hosts:
|
1 |
ip.of.master.server hostname.domain hostname |
Set NIS domain-name:
|
1 2 |
<strong>client#</strong> domainname internal <strong>client#</strong> ypdomainname internal |
Edit /etc/nsswitch.conf:
|
1 2 3 |
passwd: files nis shadow: files nis group: files nis |
Make sure the portmap service is running:
|
1 2 |
<strong>client#</strong> service portmap start <strong>client#</strong> chkconfig portmap on |
The /etc/hosts.allow file will need rules allowing access from localhost and the NIS master server.
Start ypbind service:
|
1 2 |
<strong>client#</strong> service ypbind start <strong>client#</strong> chkconfig ypbind on |
Test it out:
|
1 2 3 4 5 6 |
<strong>client#</strong> rpcinfo -u localhost ypbind <strong>client#</strong> ypcat passwd link:http://bradthemad.org/tech/notes/redhat_nis_setup.php 91ri.org补充:文章有处遗漏 就是在client上面密码验证方式未修改. 修改方法:在/etc/passwd 最末尾加上:+:::::: (一个+ 六个冒号)即可将验证方式修改为到NIS SERVER上面验证. |
