Build NIS Server in order to share users' accounts among virtual networks. Following examples show that NIS Server is built on HostOS in virtual networks like NFS Server. It's neccessary to install ypserv for NIS.
If you'd like to share user accounts in large subnets or to share windows account too, Use LDAP.
[root@ns ~]# yum -y install ypserv
Loading "installonlyn" plugin
Loading "fastestmirror" plugin
Setting up Install Process
Setting up repositories
base 100% |=========================| 1.1 kB 00:00
updates 100% |=========================| 951 B 00:00
addons 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for ypser to pack into transaction set.
ypserv-2.19-3.i386.rpm 100% |========================| 18 kB 00:00
---> Package ypserv.i386 0:2.19-3 set to be updated
--> Running transaction check
Dependencies Resolved
===========================================================
Package
Arch
Version
Repository
Size
===========================================================
Installing:
ypserv
i386
2.19-3
base
134 k
Transaction Summary
===========================================================
Install
1 Package(s)
Update
0 Package(s)
Remove
0 Package(s)
Total download size: 134 k
Downloading Packages:
(1/1): ypserv-2.19-3.i386 100% |====================| 134 k 00:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: ypserv
#################################### [1/1]
Installed: ypserv.i386 0:2.19-3
Complete!
[root@ns ~]# ypdomainname server-linux.info // set domain name
[root@ns ~]# vi /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=ns.server-linux.info
GATEWAY=192.168.0.1
NISDOMAIN=server-linux.info // add at the bottom of file
[root@ns ~]# vi /var/yp/Makefile
# MERGE_PASSWD=true|false
MERGE_PASSWD=false // line 42: change
#
# MERGE_GROUP=true|false
MERGE_GROUP=false // line 46: change
#all: passwd shadow group hosts rpc services netid protocols // line 109: add
[root@ns ~]# vi /var/yp/securenets
host
127.0.0.1
255.255.255.0
192.168.0.0
// create a directory for web site automatically when a user is added in the system
[root@ns ~]# mkdir /etc/skel/public_html
[root@ns ~]# chmod 711 /etc/skel/public_html
// create a directory for email automatically when a user is added in the system
[root@ns ~]# mkdir -p /etc/skel/Maildir/cur
[root@ns ~]# mkdir -p /etc/skel/Maildir/new
[root@ns ~]# mkdir -p /etc/skel/Maildir/tmp
[root@ns ~]# chmod -R 700 /etc/skel/Maildir/
[root@ns ~]# useradd cent
[root@ns ~]# passwd cent
Changing password for user cent.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@ns ~]# /usr/lib/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS servers. ns.server-linux.info is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a .
next host to add: ns.server-linux.info
next host to add: // push Ctrl + D keys
The current list of NIS servers looks like this:
ns.server-linux.info
Is this correct? [y/n: y] y // input 'y' and push Enter key
We need a few minutes to build the databases...
Building /var/yp/server-linux.info/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/server-linux.info'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/server-linux.info'
ns.server-linux.info has been set up as a NIS master server.
Now you can run ypinit -s ns.server-linux.info on all slave server.
[root@ns ~]# /etc/rc.d/init.d/portmap start
Starting portmap: [ OK ]
[root@ns ~]# /etc/rc.d/init.d/ypserv start
Starting YP server services: [ OK ]
[root@ns ~]# /etc/rc.d/init.d/yppasswdd start
Starting YP passwd service: [ OK ]
[root@ns ~]# chkconfig portmap on
[root@ns ~]# chkconfig ypserv on
[root@ns ~]# chkconfig yppasswdd on
// It's neccessary to update NIS database with following way if new user is added again
[root@ns ~]# cd /var/yp
[root@ns yp]# make
After building NIS Server, Configure on clients in order to share users' accounts. Following examples show config on GuestOS 'www'.
[root@www ~]# vi /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=
GATEWAY=192.168.0.1
NISDOMAIN=server-linux.info // add the line
[root@www ~]# vi /etc/sysconfig/authconfig
USEWINBINDAUTH=no
USEKERBEROS=no
USESYSNETAUTH=no
FORCESMARTCARD=no
USESMBAUTH=no
USESMARTCARD=no
USELDAPAUTH=no
USELOCAUTHORIZE=no
USEWINBIND=no
USESHADOW=yes
USEDB=no
USEMD5=yes
USEPASSWDQC=no
USELDAP=no
USEHESIOD=no
USECRACKLIB=yes
USENIS=yes // change
[root@www ~]# vi /etc/yp.conf
# Valid entries are
#
# domain NISDOMAIN server HOSTNAME
#Use server HOSTNAME for the domain NISDOMAIN.
#
# domain NISDOMAIN broadcast
#Use broadcast on the local net for domain NISDOMAIN
#
# domain NISDOMAIN slp
#Query local SLP server for ypserver supporting NISDOMAIN
#
# ypserver HOSTNAME
#Use server HOSTNAME for the local domain. The
#IP-address of server must be listed in /etc/hosts.
#
# broadcast
#If no server for the default domain is specified or
#none of them is rechable, try a broadcast call to
#find a server.
#
domain server-linux.info server nfs.server-linux.info // add the line
[root@www ~]# vi /etc/nsswitch.conf
passwd: files nis // line 33: add
shadow: files nis // add
group: files nis // add
#hosts:db files nisplus nis dns
hosts: files dns nis // add
[root@www ~]# chkconfig ypbind on
[root@www ~]# chkconfig portmap on
[root@www ~]# reboot
www login:
cent // user name on NIS
Password: // input password
Last login: Sun Mar 11 22:02:12 on tty1
[cent@www ~]$ // could login
[cent@www ~]$ ypwhich
nfs.server-linux.info
[cent@www ~]$ ypcat passwd
cent:x:500:500::/home/cent:/bin/bash
[cent@www ~]$ yppasswd // change password
Changing NIS account information for cent on nfs.server-linux.info.
Please enter old password: // input current password
Changing NIS password for cent on nfs.server-linux.info.
Please enter new password: // input new password
Please retype new password: // verify
The NIS password has been changed on nfs.server-linux.info.
阅读(1959) | 评论(0) | 转发(0) |