企业应用之NIS-Server
背景:企业内部需要统一用户认识,在windows下面有AD,在Linux下面有NIS
思路:建立NIS服务器和客户端,配置NFS服务器及automount
步骤:
服务器端:
1.建立NIS服务器
yum install ypserv -y
2.配置NIS服务器
A、vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=ns.server-linux.info
GATEWAY=192.168.0.1
# add at the bottom of file
NISDOMAIN=server-linux.info
B、vim /var/yp/Makefile
# MERGE_PASSWD=true|false
# line 42: change
#MERGE_PASSWD=true
MERGE_PASSWD=false
#
# MERGE_GROUP=true|false
# line 46: change
#MERGE_GROUP= true
MERGE_GROUP= false
#
# line 111: add shadow
all: passwd shadow group hosts rpc services netid protocols
C、vim /var/yp/securenets
host 127.0.0.1
255.255.255.0 192.168.28.0
D、启动相关的服务,并让这些服务开机自动运行
service ypserv start
service yppasswdd start
chkconfig --add ypserv
chkconfig --add yppasswdd
chkconfig --level 2345 ypserv on
chkconfig --level 2345 yppasswdd on
2.配置NFS服务器(NFS服务器的具体配置另有文档),这里只写配置文件
A、vim /etc/exports
/rhome *(rw,sync,root_squash)
如图
B、重启NFS服务
service nfs restart
如图:
3.初始化NIS数据库
/usr/lib/yp/ypinit -m # update NIS database
At this point, we have to construct a list of the hosts which will run NIS servers. ns.server-linux.info is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a
.
next host to add: server.example.com
next host to add: # push Ctrl + D keys
The current list of NIS servers looks like this:
ns.server-linux.info
Is this correct? [y/n: y] y # input 'y' and push Enter key
We need a few minutes to build the databases...
Building /var/yp/example.com/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/example.com'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/example.com'
server.example.com has been set up as a NIS master server.
Now you can run ypinit -s server.example.com on all slave server.
4.添加NIS用户
A、useradd -d /rhome/nisuser03 nisuser03
passwd nisuser03
Changing password for user nisuser03.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
如图:
B、更新NIS数据库
cd /var/yp
make
[root@Server yp]# make
gmake[1]: Entering directory `/var/yp/example.com'
Updating passwd.byname...
Updating passwd.byuid...
Updating shadow.byname...
Updating group.byname...
Updating group.bygid...
Updating netid.byname...
gmake[1]: Leaving directory `/var/yp/example.com'
如图
服务器端至此完成了。
客户端:
1.安装ypbind
yum install ypbind -y
2.配置
A、vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=localhost.localdomain
NISDOMAIN="example.com"
如图:
B、vim /etc/sysconfig/authconfig
把 USENIS=no 改为 USENIS=yes
USEWINBINDAUTH=no
USEHESIOD=no
USESYSNETAUTH=no
USEPAMACCESS=no
USEKERBEROS=no
FORCESMARTCARD=no
USESMBAUTH=no
USESMARTCARD=no
USELDAPAUTH=no
PASSWDALGORITHM=md5
USEWINBIND=no
USESHADOW=yes
USEDB=no
USEPASSWDQC=no
USELOCAUTHORIZE=no
USEMKHOMEDIR=no
USELDAP=no
USECRACKLIB=yes
USENIS=yes
如图
C、vim /etc/yp.conf
在最后一行加入
domain example.com server server.example.com
如图
并修改/etc/hosts,因为没有DNS解析
192.168.28.254 Server.example.com Server
D、vim /etc/nsswitch.conf
passwd: files nis # line 33: add
shadow: files nis # add
group: files nis # add
#hosts: db files nisplus nis dns
hosts: files dns nis # add
E、启动相关服务并设置为开机启动
service ypbind start
service portmap start
chkconfig --add ypbind
chkconfig --add portmap
chkconfig --level 2345 ypbind on
chkconfig --level 2345 portmap on
3.配置automount
cd /etc
vim auto.master
/rhome /etc/auto.nis # Add this line to config nis user home directory automount
vim auto.nis
* 192.168.28.254:/rhome/& # & 意思是说匹配和用户名一样的目录
重启autofs服务
service autofs restart
如图
4.登录
su - nisuser03
[root@localhost /]# su - nisuser03
[nisuser03@localhost ~]$
如图:
如果不配置automount的话,会出现如下错误(找不到用户家目录):
su -nisuser01
[root@localhost /]# su - nisuser01
su: warning: cannot change directory to /home/nisuser01: No such file or directory
-bash-3.2$
如图:
到此 所有的配置都完成了。 enjoy
阅读(1756) | 评论(0) | 转发(0) |