Network Information Services (NIS) can be used to login in all machines in a network if we create a user account in NIS server. NIS clients will check in the NIS server and login accordingly.To make it more effecient we install NFS so that we can use server space as home directory so that we can share home directory when we login from different machines.
So first we configure NFS server. Let NFS server be 192.168.0.1 (setupserver1) and client 192.168.0.2 (setupclient1). I have tested this in Centos Server. First of all to configure NFS, we need the following rpms namely nfs, nfslock and portmap.
You can check it like this.
{codecitation} rpm -qa | grep nfs{/codecitation}
If they are not installed, install it as follows.
{codecitation} yum install nfs nfslock portmap{/codecitation}
After that we need to create a nfshome in setupserver1.
Edit /etc/exports file to allow NFS mounts of /nfshome directory as follows.
{codecitation} /home *(rw,sync){/codecitation}
For NFS to read the new entry type the following.
{codecitation} exportfs -a{/codecitation}
Make sure that all services are running fine and will start automatically at next reboot as follows.
{codecitation} service portmap start
service nfslock start
service nfs start
chkconfig nfslock on
chkconfig netfs on
chkconfig portmap on{/codecitation}
Now try to connect to the NFS server from the client machine setupclient1.
{codecitation} mount 192.168.0.1:/nfshome /home/{/codecitation}
After that we need to take this nfs folder to get accessed when the home directory is not present locally in the machine.
{codecitation} /etc/auto.master
/home /etc/auto.home --timeout 600
/etc/auto.home
* -fstype=nfs,soft,intr,rsize=8192,wsize=8192,nosuid,tcp \
192.168.0.1:/nfshome/&
{/codecitation}
After that restart autofs
{codecitation} service autofs restart{/codecitation}
Now NFS server and client is ready to use. Now we need to configure the NIS server so that we can login in to the client using the logins from the server machine.
NIS server
First of all we need to add a NIS domain.
{codecitation} /etc/sysconfig/network
NISDOMAIN="NIS-NETWORK1"
{/codecitation}
NIS servers also have to be NIS clients themselves, so you'll have to edit the NIS client configuration file /etc/yp.conf to list the domain's NIS server as being the server itself or localhost.
/etc/yp.conf - ypbind configuration file
{codecitation} ypserver 127.0.0.1{/codecitation}
Now restart all services that are necessary for the NIS client
{codecitation} service portmap restart
service yppasswdd restart
service ypserv restart
service ypbind restart
service ypxfrd restart
rpcinfo -p localhost
{/codecitation}
Now that you have decided on the name of the NIS domain, you'll have to use the ypinit command to create the associated authentication files for the domain. You will be prompted for the name of the NIS server
With this procedure, all nonprivileged accounts are automatically accessible via NIS.
{codecitation} /usr/lib/yp/ypinit -m{/codecitation}
Now we need to add new NIS users in the server so that they can be accessed to the network.
Once this is complete, you then have to update the NIS domain's authentication files by executing the make command in the /var/yp directory.
{codecitation} useradd -g users nisuser1
passwd nisuser1
cd /var/yp
make
{/codecitation}
You can check whether the user is added correctly using the command given below.
{codecitation} ypmatch nisuser1 passwd{/codecitation}
Or
{codecitation} getent passwd nisuser1{/codecitation}
Now we have configured the NIS server. We are going to configure NIS client now.
{codecitation} authconfig-tui{/codecitation}
This will ask for IP address and domain of NIS server.
/etc/yp.conf - ypbind configuration file
{codecitation} domain NIS-NETWORK server 192.168.0.1{/codecitation}
In addition, the authconfig program updates the /etc/nsswitch.conf file that lists the order in which certain data sources should be searched for name lookups, such as those in DNS and NIS. Here you can see where NIS entries were added for the important login files.
{codecitation} #/etc/nsswitch.conf
passwd: files nis
shadow: files nis
group: files nis
service portmap restart
service ypbind restart
chkconfig ypbind on
chkconfig portmap on
{/codecitation}
Test the communication as follows.
{codecitation} ypcat passwd
ypmatch nisuser passwd
getent passwd nisuser{/codecitation}
