Chinaunix首页 | 论坛 | 博客
  • 博客访问: 2520127
  • 博文数量: 609
  • 博客积分: 10061
  • 博客等级: 上将
  • 技术积分: 5920
  • 用 户 组: 普通用户
  • 注册时间: 2008-06-25 08:30
文章分类

全部博文(609)

文章存档

2010年(13)

2009年(39)

2008年(558)

我的朋友

分类: LINUX

2008-09-12 15:54:17

Build NIS Server in order to share users' accounts among virtual networks. Following examples show that NIS Server is built on HostOS in virtual networks like NFS Server. It's neccessary to install ypserv for NIS.
 
If you'd like to share user accounts in large subnets or to share windows account too, Use LDAP.

[root@ns ~]# yum -y install ypserv
Loading "installonlyn" plugin
Loading "fastestmirror" plugin
Setting up Install Process
Setting up repositories
base 100% |=========================| 1.1 kB 00:00
updates 100% |=========================| 951 B 00:00
addons 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for ypser to pack into transaction set.
ypserv-2.19-3.i386.rpm 100% |========================| 18 kB 00:00
---> Package ypserv.i386 0:2.19-3 set to be updated
--> Running transaction check
 
Dependencies Resolved
 
===========================================================
Package
Arch
Version
Repository
Size

===========================================================
Installing:
  ypserv
i386
2.19-3
base
134 k
 
Transaction Summary
===========================================================
Install
1 Package(s)

Update
0 Package(s)

Remove
0 Package(s)
 
Total download size: 134 k
Downloading Packages:
(1/1): ypserv-2.19-3.i386 100% |====================| 134 k 00:00

Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing:   ypserv
#################################### [1/1]

 
Installed: ypserv.i386 0:2.19-3
Complete!

[root@ns ~]# ypdomainname server-linux.info  // set domain name

[root@ns ~]# vi /etc/sysconfig/network
 
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=ns.server-linux.info
GATEWAY=192.168.0.1
NISDOMAIN=server-linux.info // add at the bottom of file

 
[root@ns ~]# vi /var/yp/Makefile

 
# MERGE_PASSWD=true|false
MERGE_PASSWD=false             // line 42: change

#
# MERGE_GROUP=true|false
MERGE_GROUP=false              // line 46: change

#all: passwd shadow group hosts rpc services netid protocols  // line 109: add
 
[root@ns ~]# vi /var/yp/securenets
 
host
127.0.0.1

255.255.255.0
192.168.0.0

// create a directory for web site automatically when a user is added in the system

[root@ns ~]# mkdir /etc/skel/public_html

[root@ns ~]# chmod 711 /etc/skel/public_html
 
// create a directory for email automatically when a user is added in the system

[root@ns ~]# mkdir -p /etc/skel/Maildir/cur

[root@ns ~]# mkdir -p /etc/skel/Maildir/new

[root@ns ~]# mkdir -p /etc/skel/Maildir/tmp

[root@ns ~]# chmod -R 700 /etc/skel/Maildir/

 
[root@ns ~]# useradd cent

[root@ns ~]# passwd cent

Changing password for user cent.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
 
[root@ns ~]# /usr/lib/yp/ypinit -m

At this point, we have to construct a list of the hosts which will run NIS servers. ns.server-linux.info is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a .
next host to add: ns.server-linux.info
next host to add:                // push Ctrl + D keys

The current list of NIS servers looks like this:
 
ns.server-linux.info
 
Is this correct? [y/n: y] y       // input 'y' and push Enter key

We need a few minutes to build the databases...
Building /var/yp/server-linux.info/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/server-linux.info'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/server-linux.info'
 
ns.server-linux.info has been set up as a NIS master server.
 
Now you can run ypinit -s ns.server-linux.info on all slave server.
 
[root@ns ~]# /etc/rc.d/init.d/portmap start

Starting portmap: [  OK  ]

[root@ns ~]# /etc/rc.d/init.d/ypserv start

Starting YP server services: [  OK  ]

[root@ns ~]# /etc/rc.d/init.d/yppasswdd start

Starting YP passwd service: [  OK  ]

[root@ns ~]# chkconfig portmap on

[root@ns ~]# chkconfig ypserv on

[root@ns ~]# chkconfig yppasswdd on
 
// It's neccessary to update NIS database with following way if new user is added again

[root@ns ~]# cd /var/yp

[root@ns yp]# make

After building NIS Server, Configure on clients in order to share users' accounts. Following examples show config on GuestOS 'www'.
[root@www ~]# vi /etc/sysconfig/network
 
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=
GATEWAY=192.168.0.1
NISDOMAIN=server-linux.info        // add the line
 
[root@www ~]# vi /etc/sysconfig/authconfig
 
USEWINBINDAUTH=no
USEKERBEROS=no
USESYSNETAUTH=no
FORCESMARTCARD=no
USESMBAUTH=no
USESMARTCARD=no
USELDAPAUTH=no
USELOCAUTHORIZE=no
USEWINBIND=no
USESHADOW=yes
USEDB=no
USEMD5=yes
USEPASSWDQC=no
USELDAP=no
USEHESIOD=no
USECRACKLIB=yes
USENIS=yes            // change
 
[root@www ~]# vi /etc/yp.conf
 
# Valid entries are
#
# domain NISDOMAIN server HOSTNAME
#Use server HOSTNAME for the domain NISDOMAIN.
#
# domain NISDOMAIN broadcast
#Use broadcast on the local net for domain NISDOMAIN
#
# domain NISDOMAIN slp
#Query local SLP server for ypserver supporting NISDOMAIN
#
# ypserver HOSTNAME
#Use server HOSTNAME for the local domain. The
#IP-address of server must be listed in /etc/hosts.
#
# broadcast
#If no server for the default domain is specified or
#none of them is rechable, try a broadcast call to
#find a server.
#
domain server-linux.info server nfs.server-linux.info  // add the line

 
[root@www ~]# vi /etc/nsswitch.conf
 
passwd:   files nis  // line 33: add

shadow:   files nis  // add

group:    files nis  // add
 
#hosts:db files nisplus nis dns

hosts: files dns nis  // add

 
[root@www ~]# chkconfig ypbind on

[root@www ~]# chkconfig portmap on

[root@www ~]# reboot
 
www login:
cent             // user name on NIS

Password:        // input password

Last login: Sun Mar 11 22:02:12 on tty1

[cent@www ~]$ // could login

[cent@www ~]$ ypwhich
nfs.server-linux.info

[cent@www ~]$ ypcat passwd

cent:x:500:500::/home/cent:/bin/bash

[cent@www ~]$ yppasswd  // change password

Changing NIS account information for cent on nfs.server-linux.info.
Please enter old password:    // input current password

Changing NIS password for cent on nfs.server-linux.info.
Please enter new password:    // input new password

Please retype new password:   // verify
 
The NIS password has been changed on nfs.server-linux.info.
 
阅读(1959) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~