1 / 14

NIS

NIS. Consistent configuration across the network. Why NIS?. Primary reason is to provide same user configuration across the network Users go any machine and log in with the same password NOT a means of mounting files… that is NFS. Problem. Workstation. User changes Password. Workstation.

kermit-norton
Télécharger la présentation

NIS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NIS Consistent configuration across the network

  2. Why NIS? • Primary reason is to provide same user configuration across the network • Users go any machine and log in with the same password • NOT a means of mounting files… that is NFS

  3. Problem Workstation User changes Password Workstation Workstation

  4. Problem Workstation User tries to login w/new password Workstation FAILURE! Workstation

  5. Solution: Centralized management Workstation User changes Password Stored on server NIS Server Workstation Workstation

  6. Solution: Centralized management Workstation Ask server User tries to login w/new password NIS Server Workstation Login succeeds Workstation SUCCESS!

  7. OK, but is that all? • NO. It’s just the most important function. • More generally it allows centralization of many configuration parameters. • Providing a server allows for storing the info in a single place w/ single copy. • Must tell server what to share • Must tell clients what to ask • Understanding NIS requires knowing what it handles and what it doesn’t handle!

  8. Who Can See It? • Originally on a network segment • Typically local • Servers can be hard-coded or broadcast • Security issues for • Broadcasting • Passwords for logging in • Used by machines in the NIS domain • Not the same as a DNS domain but could have the same name

  9. What else does it handle? • Users, passwords,groups • Mail aliases • Host name/ip mapping like dns • Boot parameters • Printer definitions • And others • You can pick and choose which to provide

  10. How are these functions similar? encrypted password user hostname ip address Both are simply mapping functions!

  11. Main Components • A server and its configuration • ypserv • yp.conf • Client configuration • ypbind • nsswitch.conf • Rpc portmapper running • A domain defined • Database files • Option slave servers for redundancy

  12. Setting up the server • Make sure “rpc” is running ypserv (likely) • rpcinfo -u localhost ypserv • It will report versions running • Generate the database files • /usr/lib/yp/ypinit -m • Update as necessary by • Changing files • In /var/yp, run “make” • If using network passwords, run rpc.yppasswd

  13. Generating database files • Can be tricky • Each separate function should be addressed as the nuances are different. • E.g. “dns’ function is used for NIS domain but regular DNS must be available for the outside world • E.g. “password”s can be served some locally and some centrally

  14. Setting up the client • Define the location of server in /etc/yp.conf • Use “domainname” to set machine domain • Same as in server • Run rpcinfo -p localhost looking for ypbind and portmapper • Create /var/yp directory if necessary • Modify nsswitch.conf to use the nis service

More Related