Configuration and Administration of NIS Server and Client

Configuration and Administration of NIS Server and Client

S Kannan, Open Systems Technologies, Chennai

This article offers background information on NIS as well as the following procedures:

• Configuring an NIS server and client

• Administering the NIS users on the server
• Unconfiguring NIS on master server or slave server and client

NIS focuses on making network administration more manageable by providing

centralized control over a variety of network information. NIS stores information about
host names, addresses, users, groups, and network services. This collection of network
information is referred to as the NIS namespace.

NIS namespace information is stored in files called NIS maps. NIS maps were designed
to supplement many of the UNIX /etc files. These maps store much more than names
and addresses. As a result, the NIS namespace has a large set of maps. NIS maps are
database files created from source files in the /etc directory (or in a directory that you
specify). By default, these maps are stored in the /var/yp/ domainname directory on
NIS servers. For example, the set of maps that contain hosts information include:

hosts.byaddr
hosts.byname

You can obtain a list of the full set of maps from an NIS-configured system by running
the ypwhich -m command.

NIS uses domains to define who can access the host names, user information, and other
administrative data in its namespace. However, NIS does not use a domain hierarchy to
store its data; therefore, the NIS namespace is flat.

NIS provides a forwarding service that forwards host lookups to DNS if the information
cannot be found in an NIS map. The Solaris Operating System also allows you to set up
the nsswitch.conf file, with the following options for lookup requests for hosts:

• Go only to DNS.
• Go to DNS and then to NIS, if the requests are not found by DNS.
• Go to NIS and then to DNS, if the requests are not found by NIS.

NIS uses a client-server arrangement similar to DNS. Replicated NIS servers provide
services to NIS clients. The principal server is called a master server, and, for reliability,
it has a backup, or a slave server. Both master and slave servers use the NIS information
retrieval software and both store NIS maps.

Open Systems Technologies Chennai

www.ostech.org +91 44 420 77465
 Configuration and Administration of NIS Server and Client

The name service switch file determines which name services a system uses to search for
information, and in which order the name services are searched. Solaris systems use the
/etc/ nsswitch.conf file as the name service switch file. The nsswitch.conf file is
loaded with the contents of a template file during the installation of the Solaris OS,
depending on the name service that is selected, as shown below:

(Name Service Template)

Local files - /etc/nsswitch.files

DNS - /etc/nsswitch.dns
NIS - /etc/nsswitch.nis
NIS+ - /etc/nsswitch.nisplus

To properly use the name service cache daemon (nscd), you must be able to perform the
following:

• Describe the purpose of the nscd daemon.

• Configure the nscd daemon.
• Stop and start the nscd daemon.
• Start the nscd daemon during multiuser boot.

The /etc/nscd.conf configuration file controls the behavior of the nscd daemon. The
nscd daemon provides caching for the passwd, group, hosts, ipnodes, exec_attr,
prof_attr, and user_attr databases. Solaris system calls automatically reference the
nscd cache if the nscd cache holds the type of data needed. Standardized calls retrieve
the cached data. The calls take the form of getXbyY, such as gethostbyname,
gethostbyaddr, and so on.

Exercise:
=======

Step-by-Step Procedure for Configuring the NIS Server and Client

Steps are given here for:

• Configuring the NIS master server

• Configuring the NIS slave server
• Configuring the NIS client

Open Systems Technologies Chennai

www.ostech.org +91 44 420 77465
 Configuration and Administration of NIS Server and Client

Configuring the NIS Master Server

1. Configure a domain name:

# domainname <domain name>

For example:

# domainname sunlab

# domainname > /etc/defaultdomain

# domainname

2. Configure the NIS configuration file:

# cd /etc
# cp nsswitch.nis nsswitch.conf

3. Configure the host file:

# vi /etc/hosts

Add the NIS server's information. Always use the server's name in the NIS configuration.

4. Configure the user's home directory to reside on the NIS server.

# vi /etc/vfstab

Edit the /export/home entry to /home for the home folder of the client's local user. Use
the /home folder as the local user's home folder.

# vi /etc/auto_master

Comment all lines with # and change the /home entry to /- and change -nobrowse to -
browse.

# vi /etc/auto_home

Comment all and enter the following line:

/export/home <NIS Master Server's name>:/export/home

Open Systems Technologies Chennai

www.ostech.org +91 44 420 77465
 Configuration and Administration of NIS Server and Client

For example:

/export/home raysvr:/export/home

5. Test the automount feature:

# automount -v

This will show whether the remote file system is mounted or not. If it shows the
/export/home is already mounted, then unmount / export/home and use the
automount -v command again.

6. Start the YP service:

# /usr/lib/netsvc/yp/ypstart

Configuring the NIS Slave Server

1. Configure a domain name:

# domainname <domain name>

For example:

# domainname sunlab

# domainname > /etc/defaultdomain

# domainname

2. Configure the NIS configuration file:

# cd /etc
# cp nsswitch.nis nsswitch.conf

3. Configure the host file:

# vi /etc/hosts

Add the NIS server's information. Always use the server's name in the NIS configuration.

Open Systems Technologies Chennai

www.ostech.org +91 44 420 77465
 Configuration and Administration of NIS Server and Client

4. Configure the user's home directory to reside on the NIS server.

# vi /etc/vfstab

Edit the /export/home entry to /home for the home folder of the client's local user. Use
the /home folder as the local user's home folder.

# vi /etc/auto_master

Comment all lines with # and change the /home entry to /- and change -nobrowse to -
browse.

# vi /etc/auto_home

Comment all and enter the following line:

/export/home <NIS Master Server's name>:/export/home

For example:

/export/home raysvr:/export/home

5. Test the automount feature:

# automount -v

This will show whether the remote file system is mounted or not. If it shows that
/export/home is already mounted, then unmount / export/home and use the
automount -v command again.

6. Start the YP service:

# /usr/lib/netsvc/yp/ypstart

7. Configure the slave server as an NIS client first:

# ypinit - c

(Select n to avoid stopping the process in an error.)

Provide the name of the NIS master server. Press 'Ctrl + d' and then press 'y'.

Open Systems Technologies Chennai

www.ostech.org +91 44 420 77465
 Configuration and Administration of NIS Server and Client

8. Configure the client as an NIS slave server:

# ypinit -s <master server name>

For example:

# ypinit -s raysvr

9. Check the slave server's database:

# ypwhich -m

Configuring the NIS Client

1. Configure a domain name:

# domainname <domain name>

For example:

# domainname sunlab

# domainname > /etc/defaultdomain

# domainname

2. Configure the NIS configuration file:

# cd /etc
# cp nsswitch.nis nsswitch.conf

3. Configure the host file:

# vi /etc/hosts

Add the NIS server's information. Always use the server's name in the NIS configuration.

4. Configure the user's home directory to reside on the NIS server.

# vi /etc/vfstab

Edit the /export/home entry to /home for the home folder of the client's local user. Use
the /home folder as the local user's home folder.

Open Systems Technologies Chennai

www.ostech.org +91 44 420 77465
 Configuration and Administration of NIS Server and Client

# vi /etc/auto_master

Comment all lines with # and change the /home entry to /- and change -nobrowse to -
browse.

# vi /etc/auto_home

Comment all and enter the following line:

/export/home <NIS Master Server's name>:/export/home

For example:

/export/home raysvr:/export/home

5. Test the automount feature:

# automount -v

This will show whether the remote file system is mounted or not. If it shows the
/export/home is already mounted, then unmount / export/home and use the
automount -v command again.

6. Start the YP service:

# /usr/lib/netsvc/yp/ypstart

7. Configure the slave server as an NIS client first:

# ypinit - c

(Select n to avoid stopping the process in an error.)

Provide the name of the NIS master server. Press 'Ctrl + d' and then press 'y'.

8. Check the NIS database:

# ypwhich -m

Open Systems Technologies Chennai

www.ostech.org +91 44 420 77465
 Configuration and Administration of NIS Server and Client

Administering the NIS Users (on the Server)

Adding a New NIS User

Add a local user by means of the useradd command or admintool.

For example:

# useradd -s /bin/bash -d /export/home/<username> -m <username>

# cd /var/yp
# /usr/ccs/bin/make passwd

This command will add the user to the NIS database, and it pushes the database to all
slave servers.

Deleting an NIS User

Here's how to delete an NIS user:

# userdel -r <username>

For example:

# userdel -r test

# cd /var/yp
# /usr/ccs/bin/make passwd

Changing a User Password

Here's how a user can change his or her password.

Log in as an NIS user to a client machine, and use this command:

% passwd -r nis
Provide the current password. The new password must differ by a minimum of three
characters from the old one and must be alphanumeric.

Note: In case a user forgets his or her password, there are ways to recover it, but we
recommend just assigning a new one.

Open Systems Technologies Chennai

www.ostech.org +91 44 420 77465
 Configuration and Administration of NIS Server and Client

Unconfiguring NIS on Master/Slave Server and Client

1. Stop the NIS service:

# /usr/lib/netsvc/yp/ypstop

2. Remove the NIS configuration files:

# cd /etc
# cp nsswitch.files nsswitch.conf
# rm defaultdomain
# cd /var/yp/bindings
# rm -r <domainname>

3. Edit the automount configuration:

# vi /etc/auto_master

Comment the entry that is responsible for remote mount, or comment all entries.

4. Reboot the system:

# reboot

Open Systems Technologies Chennai

www.ostech.org +91 44 420 77465