Creative Training Solutions

Salix Training Limited

This page shows an example of configuring NIS on Solaris 10

NIS Configuration

NIS is an old but reliable and simple way to centralize network and user configuration information.

The following exercise will configure a simple master and slave server with as many clients as you like. It does not include any extra security information and configuration.

Text Box: This lab will prepare one host to be a NIS Master Server and start the NIS service. Then the NIS Slave Server is configured and lastly the NIS clients. Question 1 Preparing files and creating user accounts. The NIS master builds NIS maps (database files) from normal text files, usually found under /etc. There are some maps we will need later, where there is not a corresponding text file. Making the text file and map after the NIS Master Server has been set up is complicated. We will create some empty text files now, and when the server is set up, empty maps will be created. It is then easy to populate the text file later and re-build the existing map. My example uses twix as the Master Server and a domain name of choc. The following commands should be done on the Master Server only: Log on as root and create or edit the following files that will be converted into NIS maps. Available time zones can be found under /usr/share/lib/zoneinfo. The current locale can be viewed with a locale command. To see all available locales, use locale –a. Ensure the hostname timehost can be resolved to the Master Server # cd /etc # touch netgroup bootparams ethers netmasks netid # vi /etc/locale choc en_GB # vi /etc/timezone GB-Eire choc # vi /etc/hosts 192.29.160.15 twix loghost timehost The existing Makefile will not build all the maps we need. Your instructor will tell you where an updated Makefile can be copied from: # cd /var/yp # mv Makefile Makefile.orig # cp /net/host/export/Makefile Makefile NIS allows user accounts to be configured on the Master Server and used by all the clients. On twix, setup user accounts for everyone in your team and make sure they all have passwords: # useradd -d /export/home/user -m user # passwd user Repeat for each user. Check the all have home directories have all been created in /export/home. Question 2 Configuring the automounter. The NIS clients will be able to use these accounts but we don't want each account having a different home directory on every client. We will configure the automounter to enable the users home directory to be automounted to the clients as required. In our lab, the Master Server will hold all the home directories. To add support for automounting the home directories, change the home directories for NIS users to /home/user # vi /etc/passwd jim:x:666:14:Jim Smith:/home/jim:/bin/ksh The client's automount daemon will be using NIS maps for its configuration. The NIS maps are built from text files so we configure the Master Server's automounter configuration files. The changes below will make any attempt to access a sub-directory of /home attempt to mount a share from the Master Server: Make sure there is a line for home in this file: # vi /etc/auto_master # Master map for automounter # +auto_master /net -hosts -nosuid,nobrowse /home auto_home -nobrowse # vi /etc/auto_home # +auto_home * twix:/export/home/& Make sure the NIS Master Server is sharing /export/home # vi /etc/dfs/dfstab share -F nfs /export/home # unshareall # shareall (or start the NFS server if NFS not configured) # dfshares (to confirm the share is working) Log on as each user on twix to test automounting is working. Question 3 Configure The Master Server. The name of the NIS domain must defined. The first command sets the domain name now, but it would be lost at reboot. The second command puts the domainname in a file so it can be defined every time we boot: # domainname choc # domainname > /etc/defaultdomain The Master Server will be a client to its own service. To make sure the Master Server resolves things from NIS, copy the relevant nsswitch file: # cp /etc/nsswitch.nis /etc/nsswitch.conf You are now ready to convert twix into NIS Master Server. A script will do this for you: # cd /var/yp # ypinit -m You will be prompted to enter the hostname for twix and then the hostname of the slave server, do this and use ^d (control d) when they have been entered. Answer n to the question on "quitting on non-fatal errors". This will have attempted to build all the maps but may have had errors. Next, check the NIS Service and daemons have started: # svcs -a | grep nis disabled 8:03:12 svc:/network/rpc/nisplus:default online 9:53:15 svc:/network/nis/xfr:default online 9:53:15 svc:/network/nis/server:default online 9:53:15 svc:/network/nis/passwd:default online 9:53:16 svc:/network/nis/update:default online 9:53:19 svc:/network/nis/client:default # pgrep -lf yp 2166 /usr/lib/netsvc/yp/ypbind 2156 /usr/lib/netsvc/yp/rpc.yppasswdd -m 2152 /usr/lib/netsvc/yp/ypserv -d 2148 /usr/lib/netsvc/yp/ypxfrd 2159 /usr/lib/netsvc/yp/rpc.ypupdated If we re-make the maps, they should all work: # cd /var/yp # /usr/ccs/bin/make Check that the NIS service is running and responding to requests: # ypwhich -m Now the NIS Master Server is configured and the only client is the Master Server itself. Question 4 Configuring the NIS Slave Server Log on as root on the machine that will be the Slave server. The machine will need to be configured as a NIS Client before it can become a Slave server. As with the Master, the slave needs to know what domain it is in at boot time: # domainname choc # domainname > /etc/defaultdomain To make sure the Slave Server resolves things from NIS, copy the relevant nsswitch file: # cp /etc/nsswitch.nis /etc/nsswitch.conf Make sure the Master Server (twix) is in the slave's /etc/hosts file. # grep 'twix' /etc/hosts To complete the client setup, use the ypinit script again. Follow the prompts and type in the names of the Master and Slave servers: # ypinit -c Check the status of the NIS client service and start it if necessary. # svcs nis/client # svcadm enable nis/client Now this host is a NIS client, the next step is to set up the Slave service. This is done with the ypinit command again. Make sure you use the NIS Master's hostname as the argument to this script: # ypinit -s twix Check the NIS Server service is running and enable it if required # svcs nis/server # svcadm enable nis/server It is best to reboot now, but you may get away with restarting the automount daemon and will read its new configuration from the NIS maps: # svcadm restart autofs When the host is booted, check that the NIS service is running and responding to requests: # pgrep -l yp # ypcat hosts # ypwhich # ypwhich -m Question 5 Configure the NIS Clients Now the Master and Slave are working, we need to configure the other hosts as clients. Log in as root on each of the clients. As with the Master and Slave, the client needs to know what domain it is in at boot time: # domainname choc # domainname > /etc/defaultdomain To make sure the client resolves things from NIS, copy the relevant nsswitch file: # cp /etc/nsswitch.nis /etc/nsswitch.conf Make sure the Master Server (twix) and the Slave Server is in the client's /etc/hosts file. # grep 'twix' /etc/hosts # grep 'slave' /etc/hosts To complete the client setup, use the ypinit script again. Follow the prompts and type in the names of the Master and Slave servers: # ypinit -c Reboot or check the status of the NIS client service and start it if necessary. # svcs nis/client # svcadm enable nis/client Restart the automount daemon and will read its new configuration from the NIS maps: # svcadm restart autofs When you have done these, or the host has booted, check that the client is working. # pgrep -l yp # ypcat hosts # ypwhich # ypwhich -m Log on as one of the new user accounts. As the home directory path is under /home, the automounter will mount the user’s home directory from the master. Change the desktop settings. Log off and the settings will be saved under a hidden directory in the home. Log on as the same user but on a different host. The new desktop settings should have been applied.

 

NIS Configuration

Phone:    +44 (0)20 8144 6944

Fax:        +44 (0)870 913 0007