[RedHat6.2] NIS Server Configuration

Source: Internet
Author: User
Tags domain name server domain server

[RedHat6.2] The NIS server configuration is mainly used to manage users' accounts and passwords in a unified manner. It has the following meanings: Suppose there are 20 Linux Hosts in the company, for employees in the company, they can access all the 20 Linux Hosts. We assume that a company member needs to change the password so that they can log on to all the hosts, the traditional thinking is to execute passwd on these 20 too many Linux Hosts separately, which is very inefficient and inconvenient for managers, therefore, the NIS service solves this problem. The principle is to save all user account and password information on the NIS server, when a user logs on to one of the Linux Hosts and performs account and password verification, the logon host sends a verification request to the NIS server. If the authentication is correct, the user logs on successfully, otherwise, the user fails to log on. The NIS Server www.2cto.com stores the user's account and password in the database file. The NIS client sends a request to it through RPC (Remote Procedure Call. All NIS clients are requested by an NIS server. Therefore, an account can be used to log on to all Linux Hosts. After you modify your password, it is synchronized to the database file of the NIS server. This completes the effect of multiple changes and is very convenient for account management. 1. NIS server configuration 1. make sure that the required software has been installed with yp-tools: Provide the NIS-related query command ypbind: because the Client and the Server need to communicate, bind ypserv: NIS Server-side setting software rpcbind: required Software for RPC 2. start configuring NIS Server 1> set the NIS Server domain name nisdomainname domainname vi/etc/sysconfig/network: NISDOMAIN = domainname to set the Domain Name: YPSERV_ARGS = "-p 1011" sets NIS to be started on a fixed port, that is, 1011, this is to facilitate the use of iptables to directly manage NIS # automatically set the domain name vi/etc/rc at startup. local/sbin/nisdomainname domainname # Add 2> Configure the main file/etc/ypserv. conf [host name/I P] [NIS domain name] [available database name] [security restrictions] 192.168.171.0/255.255.255.0: *: none [security restrictions]: including no restrictions on none, only port less than 1024 can be used, and deny is rejected. 3> set the corresponding vi/etc/hosts 192.168.171.135 nisserver 192.168.171.136 nisclient01 192.168.171.20.nisclient02 for the host name and IP address... write the corresponding IP address and host name of all hosts here 4> Start and view the relevant service vi/etc/sysconfig/yppasswdd YPPASSWDD_ARGS = "-- port 1012" to find this location, modify it to/etc/init. d/ypserv start/etc/init. d/yppasswdd start chkcon Fig ypserv on # set to start chkconfig yppasswd on rpcinfo-u localhost ypserv # The following words appear, it indicates that it is normal # program 100004 version 1 ready and waiting program 100004 version 2 ready and waiting 5> process the account and create the database useradd-u 1001 testuser01 useradd-u 1002 testuser02 useradd-u 1003 testuser03 echo testuser01 | echo passwd -- stdin testuser01 echo testuser02 | echo passwd -- stdin testuser02 echo testuser03 | echo passwd -- Stdin testuser03 # in this way, the three users testuser01 testuser02 testuser03 have the same password and user name-u represents the specified uid # Next, convert the account and password data to the database/usr/lib64/ yp/ypinit-m note: if the user password has changed, you need to re-create the database and restart ypserv and yppasswdd. for example, if useradd somebody or passwd somebody is added to the server, you must recreate the database. That is: /usr/lib/yp/ypinit-m 6> set the firewall to disable the firewall of the NIS Server: service iptables stop 2: set NIS Client 1> set NIS domain name nisdomainname domainname # The same as NIS Server domain name vi/etc/ho Sts NISDOMAIN = domainname vi/etc/rc. local/sbin/nisdomainname domainname 2> View the installation package ypbind yp-tools required for installation 3> set the main configuration file: vi/etc/yp. conf domain domainname server 192.168.171.135 # Add # format: domain your NIS Server and Client domain Name server IP address of your NIS server 4> set/etc/nsswitch. conf file. Find the following items in the order of modifying and verifying the user account and password: passwd: files shadow: files group: files # hosts: db files ldap nis dns hosts: files dns: passwd: files nis shad Ow: files nis group: files nis # hosts: db files ldap nis dns hosts: files nis dns 5> check the startup status of the client portmap Process. After confirming that the process is correct, start the ypbind process: service portmap status portmap (pid 1774) is running... service ypbind start Shutting down NIS services: [OK] Binding to the NIS domain: [OK] Listening for an NIS domain server. set ypbind to automatically start chkconfig -- level 2345 ypbind on 6> Test the client connection yptest #. The Test information is displayed to identify whether a problem occurs. Test 3 Wraing: No such key in map (Map passwd. byname, key nobody) ypwhich-x check database 7> Configure the client to log on to the NIS domain vi/etc/sysconfig/authconf at startup # Find and modify USENIS = no to USEINS = yes 8> test the client su-testuser01 Last login: wed Jul 11 17:59:14 2007 from server cocould not chdir to home directory/home/nisuser: No such file or directory-bash-3.00 $ this is normal, because we know that all user information is stored on the NIS server, we cannot find the user directory. The solution here is to use NFS to share the/home directory. On the NIS client, only Mount required. We will not describe it here for the time being. It will be available soon...

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.