Chinaunix首页 | 论坛 | 博客
  • 博客访问: 383928
  • 博文数量: 87
  • 博客积分: 2810
  • 博客等级: 少校
  • 技术积分: 825
  • 用 户 组: 普通用户
  • 注册时间: 2008-10-28 22:34
文章分类

全部博文(87)

文章存档

2010年(25)

2009年(43)

2008年(19)

分类: LINUX

2010-09-23 08:44:37

企业应用之NIS-Server
背景:企业内部需要统一用户认识,在windows下面有AD,在Linux下面有NIS
思路:建立NIS服务器和客户端,配置NFS服务器及automount
步骤:
服务器端:
1.建立NIS服务器
yum install ypserv -y
 
2.配置NIS服务器
A、vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=ns.server-linux.info
GATEWAY=192.168.0.1
# add at the bottom of file
NISDOMAIN=server-linux.info
 
B、vim /var/yp/Makefile
# MERGE_PASSWD=true|false
# line 42: change
#MERGE_PASSWD=true
MERGE_PASSWD=false
#
# MERGE_GROUP=true|false
# line 46: change
#MERGE_GROUP= true
MERGE_GROUP= false
#
# line 111: add  shadow

all: passwd shadow group hosts rpc services netid protocols

 
C、vim /var/yp/securenets
host 127.0.0.1
255.255.255.0 192.168.28.0
 
D、启动相关的服务,并让这些服务开机自动运行
service ypserv start
service yppasswdd start
 
chkconfig --add ypserv
chkconfig --add yppasswdd
chkconfig --level 2345 ypserv on
chkconfig --level 2345 yppasswdd on
 
2.配置NFS服务器(NFS服务器的具体配置另有文档),这里只写配置文件
A、vim /etc/exports
/rhome  *(rw,sync,root_squash)
 
如图
B、重启NFS服务
service nfs restart
如图:
3.初始化NIS数据库
 
/usr/lib/yp/ypinit -m   # update NIS database

At this point, we have to construct a list of the hosts which will run NIS servers. ns.server-linux.info is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a .
next host to add: server.example.com
next host to add: # push Ctrl + D keys
The current list of NIS servers looks like this:

ns.server-linux.info

Is this correct? [y/n: y] y   # input 'y' and push Enter key
We need a few minutes to build the databases...
Building /var/yp/example.com/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/example.com'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/example.com'

server.example.com has been set up as a NIS master server.

Now you can run ypinit -s server.example.com on all slave server.
4.添加NIS用户
A、useradd -d /rhome/nisuser03 nisuser03
passwd nisuser03
Changing password for user nisuser03.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
如图:
B、更新NIS数据库
cd /var/yp
make
[root@Server yp]# make
gmake[1]: Entering directory `/var/yp/example.com'
Updating passwd.byname...
Updating passwd.byuid...
Updating shadow.byname...
Updating group.byname...
Updating group.bygid...
Updating netid.byname...
gmake[1]: Leaving directory `/var/yp/example.com'
如图
服务器端至此完成了。
 
客户端:
 
1.安装ypbind
yum install ypbind -y
 
2.配置
A、vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=localhost.localdomain
NISDOMAIN="example.com"
如图:
B、vim /etc/sysconfig/authconfig
把 USENIS=no 改为 USENIS=yes
USEWINBINDAUTH=no
USEHESIOD=no
USESYSNETAUTH=no
USEPAMACCESS=no
USEKERBEROS=no
FORCESMARTCARD=no
USESMBAUTH=no
USESMARTCARD=no
USELDAPAUTH=no
PASSWDALGORITHM=md5
USEWINBIND=no
USESHADOW=yes
USEDB=no
USEPASSWDQC=no
USELOCAUTHORIZE=no
USEMKHOMEDIR=no
USELDAP=no
USECRACKLIB=yes
USENIS=yes
如图
C、vim /etc/yp.conf
在最后一行加入
domain example.com server server.example.com
如图
并修改/etc/hosts,因为没有DNS解析
192.168.28.254  Server.example.com      Server
 
D、vim /etc/nsswitch.conf

passwd: files nis     # line 33: add
shadow: files nis     # add
group: files nis      # add

#hosts: db files nisplus nis dns
hosts: files dns nis  # add
E、启动相关服务并设置为开机启动
service ypbind start
service portmap start
 
chkconfig --add ypbind
chkconfig --add portmap
chkconfig --level 2345 ypbind on
chkconfig --level 2345 portmap on
 
3.配置automount
cd /etc
vim auto.master
 
/rhome  /etc/auto.nis  # Add this line to config nis user home directory automount
 
vim auto.nis
*       192.168.28.254:/rhome/& # & 意思是说匹配和用户名一样的目录
 
重启autofs服务
service autofs restart
 
如图
 
4.登录
su - nisuser03
[root@localhost /]# su - nisuser03
[nisuser03@localhost ~]$
如图:
如果不配置automount的话,会出现如下错误(找不到用户家目录):
su -nisuser01
[root@localhost /]# su - nisuser01
su: warning: cannot change directory to /home/nisuser01: No such file or directory
-bash-3.2$
如图:
 
到此  所有的配置都完成了。 enjoy
阅读(1756) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~