Mudanças entre as edições de "Minicluster:NIS"

Edição das 10h55min de 9 de julho de 2010 (ver código-fonte) Dago (Discussão | contribs) m (→‎Referências) ← Edição anterior		Edição das 10h56min de 9 de julho de 2010 (ver código-fonte) Dago (Discussão | contribs) m (→‎Referências) Edição posterior →
Linha 156:		Linha 156:
	== Referências ==		== Referências ==
		+	* http://bradthemad.org/tech/notes/redhat_nis_setup.php, walkthrough completo
	* http://under-linux.org/wiki/Tutoriais/LDAP/LDAP-NIS-NFS		* http://under-linux.org/wiki/Tutoriais/LDAP/LDAP-NIS-NFS
	* http://www.wellho.net/solutions/general-what-are-nis-ldap-dns-and-bind.html		* http://www.wellho.net/solutions/general-what-are-nis-ldap-dns-and-bind.html

---

Edição das 10h56min de 9 de julho de 2010

Servidor NIS

• Instale o servidor NIS

[root@one]$ yum install ypserv
[root@one]$ chkconfig --level 345 ypserv on
[root@one]$ nisdomainname nismatrix 
[root@one]$ nisdomainname
nismatrix
[root@one]$ /etc/init.d/ypserv start
Starting YP server services:             [  OK  ]
[root@one]$ rpcinfo -u one ypserv
program 100004 version 1 ready and waiting
program 100004 version 2 ready and waiting

• Editar linhas em

[root@one]$ vi /var/yp/Makefile
..
ALIASES     = $(YPSRCDIR)/aliases  # aliases could be in /etc or /etc/mail
#ALIASES    = /etc/mail/aliases
..

• Gerar o banco de dados no servidor

[root@one]$ /usr/lib64/yp/ypinit -m

Cliente NIS

[root@cell100]$ chkconfig --level 345 ypbind on
nisdomainname nismatrix                                        
[root@cell100] ~ # nisdomainname

config

The following describes a procedure to set up NIS network name service under Red Hat Linux. This is geared toward a small intallation with only one domain. However, it should be fairly evident how to add more NIS domains. The NIS domain name has nothing to do with any DNS naming convention being used.

É necessário informar um nome de domínio NIS (que pode ser diferente de matrix). Foi informado nismatrix

Setting up a NIS master server

Required packages: yp-tools ypbind ypserv portmap

Set up "time" service to run via inetd/xinetd, or configure xntpd, or otherwise make sure the host's clock is synchronized.

• Edite /etc/yp.conf:

domain internal server ip.of.nis.server
domain nismatrix server 192.168.0.99

Edite /etc/ypserv.conf:

..
dns: no
files: 30
xfr_check_port: yes
* : * : shadow.byname : port
* : * : passwd.adjunct.byname : port 

Edite /etc/sysconfig/network:

NISDOMAIN="nismatrix"

Setar NIS domain name:

one# domainname nismatrix
one# ypdomainname nismatrix

Create file /var/yp/securenets:

host 127.0.0.1
255.255.255.0   10.0.0.0

Make sure the "portmap" service is running:

master# service portmap start
master# chkconfig portmap on

Portmap will need a rule in /etc/hosts.allow to allow access from localhost and any hosts that need to access NIS.

Inicie o serviço ypserv:

one# service ypserv start

Verifique se está escutando

one# rpcinfo -u localhost ypserv
program 100004 version 1 ready and waiting
program 100004 version 2 ready and waiting

Inicialize o mapeamento NIS:

one# /usr/lib64/yp/ypinit -m

Especifique one.matrix, Ctrl-D, y, e deixe finalizar.

Inicie ypbind, yppasswdd, ypxfrd:

one# service ypbind start
one# service yppasswdd start
one# service ypxfrd start

Set YP services to run on boot-up:

one# chkconfig ypserv on
one# chkconfig ypbind on
one# chkconfig yppasswdd on
one# chkconfig ypxfrd on

NIS client host setup

Required packages: yp-tools ypbind portmap

Edit /etc/sysconfig/network:

NISDOMAIN=internal

Edit /etc/yp.conf:

domain internal server ip.of.master.server

Edit /etc/hosts:

ip.of.master.server    hostname.domain hostname

Set NIS domain-name:

client# domainname internal
client# ypdomainname internal

Edit /etc/nsswitch.conf:

passwd:     files nis
shadow:     files nis
group:      files nis

Make sure the portmap service is running:

client# service portmap start
client# chkconfig portmap on

The /etc/hosts.allow file will need rules allowing access from localhost and the NIS master server.

Start ypbind service:

client# service ypbind start
client# chkconfig ypbind on

Test it out:

client# rpcinfo -u localhost ypbind
client# ypcat passwd

Gerenciando usuários

• adicionar usuário: (como root no servidor NIS)

useradd -g grupo usuario

ou criando diretório home

useradd -m -g grupo usuario

Para funcionar foi preciso a opção -p password (que cria senha padrão)

useradd -m -p password -g grupo usuario

• • Atualizar o banco de dados NIS

make -C /var/yp

• Trocando a senha para o usuário

yppasswd -p usuario

User password management: Users will now change their passwords using the NIS password command yppasswd instead of the local password file affected command, passwd. When using an NIS slave (described below), then do not modify the password while logged into the NIS master.

Referências

• http://bradthemad.org/tech/notes/redhat_nis_setup.php, walkthrough completo
• http://under-linux.org/wiki/Tutoriais/LDAP/LDAP-NIS-NFS
• http://www.wellho.net/solutions/general-what-are-nis-ldap-dns-and-bind.html
• http://bradthemad.org/tech/notes/redhat_nis_setup.php
• http://www.yolinux.com/TUTORIALS/NIS.html
• http://www.tldp.org/HOWTO/NIS-HOWTO/ypserv.html