How to install Network Information Service (NIS)

 

Contributions by: Based on Howto by Thorsten Kukuk
Created/Updated: 31-01-2005 (revision history)
Versions Supported: 6.0.x (but most properly also 5.6)

 

NIS or Network Information Service, is a service that provides information, that has to be known throughout the network, to all machines on the network. NIS is a system that becomes very usefull when you have more than one SME server in your network and you want to be able to log into all with the same username. First we need to install the NIS Master Server and secondary the NIS Client.

 

 

NIS Master Server Installation:

First Collect and install the rpm`s from the NIS directory.

[root@sme ]# cd /root

[root@sme ]# mkdir NIS_SERVER

[root@sme ]# cd NIS_SERVER

[root@sme ]# wget http://sme.swerts-knudsen.dk/downloads/NIS/ypserv-2.2-9.i386.rpm
[root@sme ]# wget http://sme.swerts-knudsen.dk/downloads/NIS/portmap-4.0-41.i386.rpm

[root@sme ]# rpm -ivh *.rpm

Then create a template file where you specify from which network the portmapper can be accessed (change 192.168.100.0 to your network)

[root@sme ]# mkdir -p /etc/e-smith/templates-custom/etc/hosts.allow
[root@sme ]# echo "portmap: 192.168.100.0/255.255.255.0" > /etc/e-smith/templates-custom/etc/hosts.allow/portmap
[root@sme ]# /sbin/e-smith/expand-template /etc/hosts.allow  

Start the portmap service and ensure that it as well as the NIS server (ypserv) start on reboot

[root@sme ]# chkconfig portmap on

[root@sme ]# service portmap start
[root@sme ]# cd /etc/rc.d/rc7.d
[root@sme ]# ln -s /etc/init.d/portmap S92portmap

[root@sme ]# ln -s /etc/init.d/ypserv S93ypserv

 

We need to inform the NIS Server on which domain it acts. Create a template and add your domain name in "yourdomain.com" and start the NIS Server. 

[root@sme ]# echo "NISDOMAIN=yourdomain.com" > /etc/e-smith/templates/etc/sysconfig/network/60NISDOMAIN
[root@sme ]# /sbin/e-smith/expand-template /etc/sysconfig/network
[root@sme ]# /bin/domainname yourdomain.com

[root@sme ]# service ypserv start

 

Now we have to make sure the NIS Server is running. The following command should return this output.

[root@sme ]# rpcinfo -u localhost ypserv
program 100004 version 1 ready and waiting
program 100004 version 2 ready and waiting

Now were are almost ready to generate the NIS (YP) database but the Makefile needs to be altered a little for the SME Server. Open the /var/yp/Makefile and change the the following statements:


all: passwd group hosts rpc services netid protocols mail \

to

all: passwd group shadow  \

 

and Mimimum UID and GID to 5000 which is where the SME server starts

 

MINUID=5000
MINGID=5000


Now on the NIS Master run:

[root@sme ]# /usr/lib/yp/ypinit -m

 

Now we need to ensure that the NIS database is updated when new users and groups are added/deleted/locked or change password.

[root@sme ]# cd /etc/e-smith/events/actions

[root@sme ]# wget -N http://sme.swerts-knudsen.dk/downloads/NIS/nis-update-db

[root@sme ]# chmod ugo=rx,o-x nis-update-db

[root@sme ]# ln -s ../actions/nis-update-db ../user-create/S95NIS-Update

[root@sme ]# ln -s ../actions/nis-update-db ../user-delete/S95NIS-Update

[root@sme ]# ln -s ../actions/nis-update-db ../user-lock/S95NIS-Update

[root@sme ]# ln -s ../actions/nis-update-db ../user-modify/S95NIS-Update

[root@sme ]# ln -s ../actions/nis-update-db ../group-create/S95NIS-Update

[root@sme ]# ln -s ../actions/nis-update-db ../group-delete/S95NIS-Update

[root@sme ]# ln -s ../actions/nis-update-db ../group-modify/S95NIS-Update

[root@sme ]# ln -s ../actions/nis-update-db ../password-modify/S95NIS-Update

 

That's it, your NIS Master server is up and running. Now its time to get the NIS Client running.

 

NIS Client Installation:

Log into your client SME Server and download the needed modules from the NIS directory.

[root@sme ]# cd /root

[root@sme ]# mkdir NIS_CLIENT

[root@sme ]# cd NIS_CLIENT

[root@sme ]# wget http://sme.swerts-knudsen.dk/downloads/NIS/yp-tools-2.6-4.i386.rpm

[root@sme ]# wget http://sme.swerts-knudsen.dk/downloads/NIS/ypbind-1.10-7.i386.rpm

[root@sme ]# wget http://sme.swerts-knudsen.dk/downloads/NIS/portmap-4.0-41.i386.rpm

[root@sme ]# rpm -ivh *.rpm

 

Then create a template file where you specify from which network the portmapper can be accessed (change 192.168.100.0 to your network)

[root@sme ]# mkdir -p /etc/e-smith/templates-custom/etc/hosts.allow
[root@sme ]# echo "portmap: 192.168.100.0/255.255.255.0" > /etc/e-smith/templates-custom/etc/hosts.allow/portmap
[root@sme ]# /sbin/e-smith/expand-template /etc/hosts.allow  

 

First we need to ensure that the services start after a reboot.

[root@sme ]# cd /etc/rc.d/rc7.d
[root@sme ]# ln -s /etc/init.d/portmap S92portmap

[root@sme ]# ln -s /etc/init.d/ypbind S94ypbind

Then we need to configure the NIS Client. Open the /etc/yp.conf file and add your NIS domain in the "domain" section.

#domain NISDOMAIN broadcast
# Use broadcast on the local net for domain NISDOMAIN
#
domain yourdomain.com broadcast

 

We need to inform the NIS Client on which domain it shall listen. Create a template and add your domain name in "yourdomain.com". When that is done we can start the NIS Client.

[root@sme ]# echo "NISDOMAIN=yourdomain.com" > /etc/e-smith/templates/etc/sysconfig/network/60NISDOMAIN
[root@sme ]# /sbin/e-smith/expand-template /etc/sysconfig/network

[root@sme ]# /bin/domainname yourdomain.com


[root@sme ]# service portmap start

[root@sme ]# service ypbind start

Binding to the NIS domain: [ OK ]
Listening for an NIS domain server.

 

Now check whether the Client is running properly. Issue the command and expect the following output.

[root@sme ]# rpcinfo -p localhost 
program vers proto   port
        100000    2   tcp    111  portmapper
        100000    2   udp    111  portmapper
        100007    2   udp    758  ypbind
        100007    1   udp    758  ypbind
        100007    2   tcp    761  ypbind
        100007    1   tcp    761  ypbind

You may also run rpcinfo -u localhost ypbind. This command should produce something like:

[root@sme ]# rpcinfo -u localhost ypbind 
        program 100007 version 1 ready and waiting
        program 100007 version 2 ready and waiting

 

 

At this point you should be able to use NIS client programs like ypcat, etc... For example, ypcat passwd.byname will give you the entire NIS password database. Now we need to make sure that the SME server uses NIS when validating. All this is configured in the /etc/nsswitch.conf file. This file is already in a SME template and we need to modify it a little. Open /etc/e-smith/templates/etc/nsswitch.conf/10files and modify to match the following lines to ensure users, groups and their respective passwords are checked by NIS.

 

passwd: nis files
shadow: nis files
group: nis files
 

hosts: { ($AccessType eq "off") ? "files" : "files dns" }
services: files
networks: files
protocols: files
rpc: files
ethers: files
netmasks: files
bootparams: files
automount: files
aliases: files

 

Now we just need to expand the template and restart the NIC Client.

[root@sme home]# /sbin/e-smith/expand-template /etc/nsswitch.conf

[root@sme ]# service ypbind restart

Shutting down NIS services: [ OK ]
Binding to the NIS domain: [ OK ]
Listening for an NIS domain server.
 

 

 

Your NIS installation is now complete and you should now be able to log into the Client server with UserIDs and Password stored and distributed from the NIS master. Now you should only add new users on the NIS master and whenever you add or modify a user on the NIS master server.

 

 

See FAQ below if you have any questions before mailing me.

 

 

Frequently Asked Questions (FAQ):

 

Question Answer
Is the a server panel to configure this? No but I dream of doing one to configure the NIS Master and Clients
   
   

 

Revision History

 

Date Changes
Jan 31, 2005 Added yet another reason to update NIS (password-modify event)
Nov 9, 2004 Initial version