Dispersednet Dispersednet


Network Information  «Prev 

NIS server-side configuration

Here are the steps you followed to configure a system to be the master NIS server in an NIS domain:
  1. You are logged on to a system named nis, which is in the corporation.com DNS domain. You will configure this system to be the master NIS server in the corpusers NIS domain. You are already logged on as root, because you must have these permissions to configure NIS. You are in the /var/yp/ypfiles directory. This is the standard directory to store your NIS passwd and group files. You may use any directory, as long as you specify it in the Makefile. You will learn more about this file shortly. Type ls -l to list all the files in the current directory (/var/yp/ypfiles).
  2. Notice that the NIS passwd and group files are listed. The format for these files is identical to that of the standard /etc/passwd and /etc/group files. As a systems administrator, you may need to create such files, however. Remember that these NIS files govern access for an entire NIS domain, not just for one machine. Use the cat command to view the passwd file.
  3. Normally, an NIS passwd file is quite large. For the purpose of this simulation, we will show you only four usernames: jpage, rplant, jpjones, jbohnam. Notice also that these users have null password values (in other words, they do not have any passwords). Remember that with NIS, you must name your new group and passwd files “passwd” and “group” in order for NIS to work properly. The ypserv daemon looks for these filenames as specified in the Makefile file. We’ll get to that shortly. First, set your NIS domain name as corpusers, using the nisdomainname program. Type nisdomainname corpusers. (On non-Linux machines, this command is called domainname.)
  4. You do not need to use the same domain name for NIS and DNS. So, you now have the necessary files (passwd and group) and are ready to use Makefile, which is always in the /var/yp/ directory. Before you create a map, you need to make sure that Makefile is pointing to the /var/yp/ypfiles directory. You are still in the /var/yp/ypfiles directory, so type cd .. to change to the /var/yp/ directory.
  5. Type cat Makefile to view its contents.
  6. Normally, you would receive a great deal of output from this command. For the purpose of this exercise, we’re displaying only the output that shows where the NIS daemon will search for the passwd and group files. You may need to edit this file in certain situations. As you can see, however, this Makefile is already pointing to the /var/yp/ypfiles directory. Now, you can use ypinit to begin an interactive session in which ypinit will use the file named Makefile to configure an NIS map. Type /usr/lib/yp/ypinit –m to start the ypinit session.
  7. The -m command you just typed tells ypinit that the local host is a master server. Notice the message informing you that you must enter at least one NIS server and that this particular version of ypinit has already added your server named nis to the list. You can only have one master server for each NIS domain, so you’re finished with this step. Normally, you would press Ctrl + D to exit the ypinit sequence. For the purpose of this simulation, however, just press the Enter key on your keyboard.
  8. The ypinit program now asks you if this is a correct list. Type y to inform ypinit that this is the correct NIS server. The program will then proceed to compile the NIS map.
  9. The ypinit program now compiles the relevant NIS zone files. To view the new files, type ls -l /var/yp.
  10. The ypinit program has created a new directory named corpusers. List its contents by typing ls -l corpusers.
  11. Notice that the passwd.byname file is in this directory. This is an NIS map version of the passwd file, set up as a database file keyed by username. Similarly, passwd.byuid is keyed by numeric UID. You are almost ready to start the ypserv daemon. However, one of the main reasons NIS fails is due to a failed portmap service. Verify that the portmap process is running by typing ps aux | grep portmap. (On Solaris, the command is ps –ef | grep portmap.)
  12. You can see that portmap is running. Start ypserv by typing ypserv.
  13. Now let’s assume you are logged onto another system named plant. You are the user rplant and are in the rplant home directory. Now that you have started the ypserv daemon on the system named nis, verify that it is running and accessible to your current system by typing rpcinfo -p nis | grep ypserv.
  14. Notice that in this particular instance, ypserv has bound to UDP port 625 and TCP port 628. Now you’re ready to configure clients to your NIS domain master server, which you will do in this lesson’s exercise.