Smilies are On. All times are GMT The time now is PM. Twitter: linuxquestions. Open Source Consulting Domain Registration.
Visit Jeremy's Blog. Search Blogs. Mark Forums Read. User Name. Remember Me? Linux - Newbie This Linux forum is for members that are new to Linux. Just starting out and have a question? This permits a system administrator to set up NIS client systems with only minimal configuration data and add, remove or modify configuration data from a single location.
The Network Information Service, or NIS originally called Yellow Pages or YP is a client—server directory service protocol for distributing system configuration data such as user and host names between computers on a computer network.
Administrators have the ability to configure NIS to serve password data to outside processes to authenticate users using various versions of the Unix crypt 3 hash algorithms.
However in such cases, any NIS client can retrieve the entire password database for offline inspection. Kerberos was designed to handle authentication in a more secure manner. Make sure the required nfs, nfslock, and portmap daemons are both running and configured to start after the next reboot. As this is a lab environment, these prerequisites aren't necessary. Make sure the required netfs, nfslock, and portmap daemons are running and configured to start after the next reboot.
Unmount it once everything looks correct. Start configuring autofs automounting. After five minutes, autofs unmounts the directory.
This is because by default NFS activates the root squash feature, which disables this user from having privileged access to directories on remote NFS servers. You'll be able to test this later after NIS is configured. Note: This automounter feature doesn't appear to function correctly in my preliminary testing of Fedora Core 3.
This scheme will make the users feel their home directories are local, when in reality they are automatically mounted and accessed over your network. NFS only covers file sharing over the network. You now have to configure NIS login authentication for the lab students before the job is done. The configuration of the NIS server is not difficult, but requires many steps that you may overlook.
Don't worry, we'll review each one in detail. The developers had to change the name after a copyright infringement lawsuit, yet many of the key programs associated with NIS have kept their original names beginning with yp. All the packages required for NIS clients are a standard part of most Fedora installations.
The ypserv package for servers is not. Install the package according to the steps outlined in Chapter 6," Installing Linux Software ". Make sure they are all running before continuing to the next step. You can use the rpcinfo command to do this. The ypbind and ypxfrd daemons won't start properly until after you initialize the NIS domain.
You'll start these daemons after initialization is completed. Now that you have decided on the name of the NIS domain, you'll have to use the ypinit command to create the associated authentication files for the domain. You will be prompted for the name of the NIS server, which in this case is bigboy. You can now start the ypbind and the ypxfrd daemons because the NIS domain files have been created. All the NIS daemons use RPC port mapping and, therefore, are listed using the rpcinfo command when they are running correctly.
In this case, you'll create a user account called nisuser and give it a new password. This procedure makes all NIS-enabled, nonprivileged accounts become automatically accessible via NIS, not just newly created ones.
You can check to see if the user's authentication information has been updated by using the ypmatch command, which should return the user's encrypted password string. You can also use the getent command, which has similar syntax.
On a NIS client, the results are identical with both showing the encrypted password. There are a number of related configuration files that you need to edit to get it to work. To find out which NIS server is currently providing service to a specific client, use the following command.
Where machinename is the name of the client. If no machine name is mentioned, ypwhich defaults to the local machine that is, the machine on which the command is run. This distributed file system protocol allows a user on a client computer to access files over a network in the same way they would access a local storage file. Because it is an open standard, anyone can implement the protocol.
NIS nee YP appears to be immortal. It offers financial protection to contributors and their families against loss of income arising from injury on the job, incapacity, retirement and the death of the insured. Note that the NIS domain name is not necessarily identical to the DNS domain name, which can be set with the hostname command.
For example, if the full hostname of your system is loomer. However, your NIS domain name could be entirely different, for example, vpizzas. You should first check that domainname is not being executed in one of the existing rc files. The command takes the format: domainname domain-name for example, domainname vpizzas. A slightly different method sets the domain name under NYS. This file should contain two lines: one specifying the name of your NIS domain and another specifying the hostname of the NIS server.
As an example: domain vpizzas ypserver allison. If no ypserver line is included in this file, the system broadcasts a message on the network at boot time to determine the name of the NIS server. Your network administrators can provide you with the hostname of your preferred NIS server.
Once these two steps are complete, your system should be able to transparently access NIS databases. One way to test this is to query the system for a password database entry from the NIS server. The ypwhich queries specific NIS databases, for example: ypwhich username passwd If this returns the line from the NIS passwd database for the given user, you have successfully queried the NIS database. One way to verify that the information returned is correct is to run this same command on another system in your NIS domain whose NIS configuration is known to be working.
All rights reserved.
0コメント