|
1. NIS server
2. NIS client
3. Troubleshooting
4. Releated documents
1.1. Installation
apt-get install netbase nis
1.2. Configuration
1.2.1. File /etc/hosts
Add in this file, for each server/client, all the servers and clients of your network.
1.2.2. File /etc/defaultdomain
This file contains the domain name of the NIS.
You don't need to update it, because it's already done during the installation of the nis package.
1.2.3. File /etc/default/nis
Set at least the following value:
NISSERVER=master
1.2.4. File /etc/ypserv.securenets
Add your local network, like
255.255.255.0 192.168.128.0
1.2.5. File /etc/ypserv.conf
If you want more security, edit this file. For normal cases, it's not necessary to do something here.
1.2.6. Setup the server
Call
/usr/lib/yp/ypinit -m
and ignore the various
"failed to send ..."
messages.
1.2.7. NIS on server
If you want NIS access also on the server, after have configured this last, just continue setting it up like a client.
1.2.8. Start the NIS service
/etc/init.d/nis restart
2.1. Installation
apt-get install netbase nis
2.2. Configuration
2.2.1. File /etc/passwd
Add the following line at the end of this file:
+::::::
2.2.2. File /etc/groups
Add the following line at the end of this file:
+::0:
2.2.3. File /etc/nsswitch.conf
Add
nis
to the "hosts" line.
For example:
hosts: nis files dns
2.2.4. Start the NIS service
/etc/init.d/nis restart
3.1. Changing domain name
The domain name should normaly be changed calling
dpkg-reconfigure nis
but this seems to don't reask it. A workaround is
apt-get remove --purge nis; apt-get install nis
or simply edit the file /etc/defaultdomain.
3.2. Clients not updated
If you have changed passwords or other settings and there are not been reflected to the NIS client, try
cd /var/yp/
make
3.3. Groups not propagated to clients
If you want to set up only once the group access for each user and this shall be valid for all the NIS clients, change in /var/yp/Makefile the following value
MINGID=1000
A good value could be:
MINGID=7
Don't forget to updated the NIS configuration:
cd /var/yp/
make
3.4. NIS Login failure on client side
If you can successfully login with a NIS account on the server side, but not on the client side and on the client side you see the NIS users/groups (login as root, then ls -l /home), it could be you have a problem with the shadow passwords.
The default Debian configuration seems to don't work very well with shadow password.
If you want a cheap solution, simply disable it on both client and server sides, by calling on both sides
dpkg-reconfigure passwd
Note, the only difference between shadow or not shadow password, is the crypted password is not showed in the /etc/passwd file that is world readable but is stored in the /etc/shadow file that is reabable by the root only.
4.1. Debian NIS howto
This micro howto is based on http://www.linux-nis.org/doc/nis.debian.howto.
|
