An advantage of NIS is that users need to change their passwords on the NIS server only, instead of every system on the network. This makes NIS popular in computer training labs, distributed software development projects or any other situation where groups of people have to share many different computers.
The disadvantages are that NIS doesn't encrypt the username and password information sent to the clients with each login and that all users have access to the encrypted passwords stored on the NIS server. A detailed analysis of NIS security is beyond the scope of this book, but I suggest that you restrict its use to highly secure networks or to networks where access to non-NIS networks is highly restricted.
The Lightweight Directory Access Protocol (LDAP) offers similar features to NIS but has the advantage of supporting encryption without additional software and can support clients across multiple networks without the need for slave servers. It is for this reason that LDAP has become increasingly popular for this type of application.
Setup Of NIS server
> First of all install the yp* packages at the server side
# yum install yp*
> Enter your Nisdomain name and hostname in /etc/sysconfig/network
# vim /etc/sysconfig/network
NISDOMAIN = chandigarh
HOSTNAME = station1.chd.edu
:wq!
# nisdomain chandigarh [Apply temporary changes to avoid reboot because the above edited file will be read by system at reboot]
# vim /var/yp/securenets [you have to manually create securenets file]
255.255.255.255 127.0.0.1
255.0.0.0 10.0.0.0 <-i'm assuming that 10.0.0.0 is your network range
:wq!
# vim /var/yp/Makefile
:se nu
:109
->remove | from the end of the line to enable it
:wq!
# /usr/lib/yp/ypinit -m
->it will ask for machine names that can be used from whete the defined users will sit onto server
->give the hostname and domainname from configured execution
-> i am adding user test1
next host to add: test1
next host to add:
-> press ctrl+d, and it will show output like this
test1
Is this correct? [y/n: y] y
We need a few minutes to build the databases...
Building /var/yp/NIS-SCHOOL-NETWORK/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/NIS-SCHOOL-NETWORK'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/NIS-SCHOOL-NETWORK'
test1 been set up as a NIS master server.
Now you can run ypinit -s test1 all slave server.
# vim /var/yp/ypservers [it will show the users that you have added like test1]
>Now share the users home directory to the network
# vim /etc/exports
/home/ *(rw,sync)
:wq!
> Now run the setup command and at authentication select NIS and put your nisdomain name and its ip
>Then start all the services
# service nfs restart
# service portmap start
# service ypserv restart
# service yppasswdd restart
# service ypbind restart
>Now share the users home directory to the network
# vim /etc/exports
/home/ *(rw,sync)
:wq!
> Now run the setup command and at authentication select NIS and put your nisdomain name and its ip
>Then start all the services
# service nfs restart
# service portmap start
# service ypserv restart
# service yppasswdd restart
# service ypbind restart
Setup Of NIS Client
# vim /etc/auto.master
/home/ /etc/auto.misc
:wq!
# vim /etc/auto.misc
test1 -rw,sync,intr 10.0.0.254:/home/test1
OR
* -rw,sync,intr 10.0.0.254:/home/&
:wq!
# setup
Authentication>nis>fill the nisdomain name and its ip >ok>quit
# service autofs restart
# service ypbind restart
Now you can login in any client machine with username and password of user which is created on server machine,like here its user "test1"
No comments:
Post a Comment