1. Log into the domain’s master server.
2. Create DES credentials for the new client machine.
nisaddcred -p secure-RPC-netname principal-name des [domain]
rootmaster% nisaddcred -p -P client1.doc.com. des
Adding key pair for (client1.doc.com.).
Enter client1.doc.com.’s root login passwd:
Retype password:
3. Ascertain the Diffie-Hellman key length used on the master server.
For example:
rootmaster% nisauthconf dh640-0 des
4. Log in as superuser to the client.
5. Assign the client its new domain name.
type domainname without an argument to check
client1# domainname doc.com //to change
client1# domainname > /etc/defaultdomain //to save
6. Check the client’s nsswitch.conf file.
7. If you made any changes to the nsswitch.conf file (or copied over a new file),
you must now restart nscd.
client1# svcadm restart /system/name-service-cache
8. Set the Diffie-Hellman key length on the client, using the information from step
3.
For example:
client# nisauthconf dh640-0 des
9. Stop the NIS+ service.
client1# svcadm disable network/rpc/nisplus:default
client1# svcs \*nisplus\*
disabled Jan_12 svc:/network/rpc/nisplus:default
10. Clean out leftover NIS+ material and processes.
If the machine you are working on was previously used as an NIS+ server or client,
remove any files that might exist in /var/nis.
11. Initialize the client.
12. Delete the /etc/.rootkey file and restart the keyserv daemon.
client1# cp /etc/nsswitch.nisplus /etc/nsswitch.conf
client1# svcs \*keyserv\*
online Jan_12 svc:/network/rpc/keyserv:default
client1# svcadm disable network/rpc/keyserv
client1# rm -f /etc/.rootkey
client1# svcadm enable network/rpc/keyserv
------------------------Done------------------------
How to Initialize a Client—Broadcast Method :
creates a NIS_COLD_START file in its /var/nis
client1# nisinit -c -B
This machine is in the doc.com. NIS+ domain.
Setting up NIS+ client ...
All done.
How to Initialize a Client—Host Name Method:
1. Check the client’s /etc/hosts or /etc/inet/ipnodes file.
2. Initialize the client.
Client1# nisinit -c -H rootmaster
This machine is in the doc.com. NIS+ domain.
Setting up NIS+ client ...
------------------------summarize--------------------
Log in to domain’s master:
rootmaster%
Create DES credentials for client:
rootmaster% nisaddcred -p unix.client1.doc.com -P client1.doc.com. des
Ascertain the Diffie-Hellman .key length:
rootmaster% nisauthconf
Log in, as superuser, to the client:
client1% su
Password:
Assign the client a domain name:
client1# domainname doc.com
client1# domainname > /etc/defaultdomain
Check that the client’s switch configuration file has the correct settings:
client1# more /etc/nsswitch.conf
Set the Diffie-Hellman key length:
client1# nisauthconf dh640-0 des
Clean out /var/nis:
client1# rm -rf /var/nis/*
Initialize the client:
client1# nisinit -c -H rootmaster
Remove the /etc/.rootkey file an restart the keyserver:
client1# svcadm disable network/rpc/keyserv
client1# rm -f /etc/.rootkey
client1# svcadm enable network/rpc/keyserv
Run keylogin on the client:
client1# keylogin -r password:
Reboot the client:
client1# reboot
------------------------------
阅读(521) | 评论(0) | 转发(0) |