Sun and Oracle Community Voices How to Buy Log In United States [Change] English

BigAdmin System Administration Portal
Community Submitted Article
Print-friendly VersionPrint-friendly Version
This content is submitted by a BigAdmin user. It has not been reviewed for technical accuracy by Sun Microsystems, though it may have been lightly edited to improve readability. If you find an error or would like to comment on the article, please contact the submitter or use the comment field at the bottom of the article. Community submissions may not follow Sun trademark guidelines. For information on Sun trademarks, please see http://www.sun.com/suntrademarks/.
 
 

Configuration and Administration of NIS Server and Client

A. K. M. Golam Mahbub, February 2006

This article offers background information on NIS as well as the following procedures:

  • Configuring an NIS server and client
  • Administering the NIS users on the server
  • Unconfiguring NIS on master server or slave server and client

NIS focuses on making network administration more manageable by providing centralized control over a variety of network information. NIS stores information about host names, addresses, users, groups, and network services. This collection of network information is referred to as the NIS namespace.

NIS namespace information is stored in files called NIS maps. NIS maps were designed to supplement many of the UNIX /etc files. These maps store much more than names and addresses. As a result, the NIS namespace has a large set of maps. NIS maps are database files created from source files in the /etc directory (or in a directory that you specify). By default, these maps are stored in the /var/yp/ domainname directory on NIS servers. For example, the set of maps that contain hosts information include: 

hosts.byaddr
hosts.byname

You can obtain a list of the full set of maps from an NIS-configured system by running the ypwhich -m command.

NIS uses domains to define who can access the host names, user information, and other administrative data in its namespace. However, NIS does not use a domain hierarchy to store its data; therefore, the NIS namespace is flat.

NIS provides a forwarding service that forwards host lookups to DNS if the information cannot be found in an NIS map. The Solaris Operating System also allows you to set up the nsswitch.conf file, with the following options for lookup requests for hosts:

  • Go only to DNS.
  • Go to DNS and then to NIS, if the requests are not found by DNS.
  • Go to NIS and then to DNS, if the requests are not found by NIS.

NIS uses a client-server arrangement similar to DNS. Replicated NIS servers provide services to NIS clients. The principal server is called a master server, and, for reliability, it has a backup, or a slave server. Both master and slave servers use the NIS information retrieval software and both store NIS maps.

The name service switch file determines which name services a system uses to search for information, and in which order the name services are searched. Solaris systems use the /etc/ nsswitch.conf file as the name service switch file. The nsswitch.conf file is loaded with the contents of a template file during the installation of the Solaris OS, depending on the name service that is selected, as shown below:

(Name Service Template) 

Local files   -   /etc/nsswitch.files
DNS           -   /etc/nsswitch.dns
NIS           -   /etc/nsswitch.nis
NIS+          -   /etc/nsswitch.nisplus

To properly use the name service cache daemon (nscd), you must be able to perform the following:

  • Describe the purpose of the nscd daemon.
  • Configure the nscd daemon.
  • Stop and start the nscd daemon.
  • Start the nscd daemon during multiuser boot.

The /etc/nscd.conf configuration file controls the behavior of the nscd daemon. The nscd daemon provides caching for the passwd, group, hosts, ipnodes, exec_attr, prof_attr, and user_attr databases. Solaris system calls automatically reference the nscd cache if the nscd cache holds the type of data needed. Standardized calls retrieve the cached data. The calls take the form of getXbyY, such as gethostbyname, gethostbyaddr, and so on.


Step-by-Step Procedure for Configuring the NIS Server and Client

Steps are given here for:

  • Configuring the NIS master server
  • Configuring the NIS slave server
  • Configuring the NIS client

Configuring the NIS Master Server

1. Configure a domain name: 

# domainname <domain name>

For example: 

# domainname sunlab

# domainname  >  /etc/defaultdomain
# domainname

2. Configure the NIS configuration file: 

# cd /etc
# cp   nsswitch.nis   nsswitch.conf

3. Configure the host file: 

# vi   /etc/hosts

Add the NIS server's information. Always use the server's name in the NIS configuration.

4. Configure the user's home directory to reside on the NIS server. 

# vi   /etc/vfstab

Edit the /export/home entry to /home for the home folder of the client's local user. Use the /home folder as the local user's home folder. 

# vi /etc/auto_master

Comment all lines with # and change the /home entry to /- and change -nobrowse to -browse. 

# vi   /etc/auto_home

Comment all and enter the following line: 

/export/home   <NIS Master Server's name>:/export/home

For example: 

/export/home    raysvr:/export/home

5. Test the automount feature: 

# automount -v

This will show whether the remote file system is mounted or not. If it shows the /export/home is already mounted, then unmount / export/home and use the automount -v command again.

6. Start the YP service: 

# /usr/lib/netsvc/yp/ypstart

Configuring the NIS Slave Server

1. Configure a domain name: 

# domainname <domain name>

For example: 

# domainname sunlab

# domainname  >  /etc/defaultdomain
# domainname

2. Configure the NIS configuration file: 

# cd /etc
# cp   nsswitch.nis   nsswitch.conf

3. Configure the host file: 

# vi   /etc/hosts

Add the NIS server's information. Always use the server's name in the NIS configuration.

4. Configure the user's home directory to reside on the NIS server. 

# vi   /etc/vfstab

Edit the /export/home entry to /home for the home folder of the client's local user. Use the /home folder as the local user's home folder. 

# vi /etc/auto_master

Comment all lines with # and change the /home entry to /- and change -nobrowse to -browse. 

# vi   /etc/auto_home

Comment all and enter the following line: 

/export/home   <NIS Master Server's name>:/export/home

For example: 

/export/home    raysvr:/export/home

5. Test the automount feature: 

# automount -v

This will show whether the remote file system is mounted or not. If it shows that /export/home is already mounted, then unmount / export/home and use the automount -v command again.

6. Start the YP service: 

# /usr/lib/netsvc/yp/ypstart

7. Configure the slave server as an NIS client first: 

# ypinit   - c

(Select n to avoid stopping the process in an error.)

Provide the name of the NIS master server. Press 'Ctrl + d' and then press 'y'.

8. Configure the client as an NIS slave server: 

# ypinit   -s  <master server name>

For example: 

# ypinit  -s  raysvr

9. Check the slave server's database: 

# ypwhich  -m

Configuring the NIS Client

1. Configure a domain name: 

# domainname <domain name>

For example: 

# domainname sunlab

# domainname  >  /etc/defaultdomain
# domainname

2. Configure the NIS configuration file: 

# cd /etc
# cp   nsswitch.nis   nsswitch.conf

3. Configure the host file: 

# vi   /etc/hosts

Add the NIS server's information. Always use the server's name in the NIS configuration.

4. Configure the user's home directory to reside on the NIS server. 

# vi   /etc/vfstab

Edit the /export/home entry to /home for the home folder of the client's local user. Use the /home folder as the local user's home folder. 

# vi /etc/auto_master

Comment all lines with # and change the /home entry to /- and change -nobrowse to -browse. 

# vi   /etc/auto_home

Comment all and enter the following line: 

/export/home   <NIS Master Server's name>:/export/home

For example: 

/export/home    raysvr:/export/home

5. Test the automount feature: 

# automount -v

This will show whether the remote file system is mounted or not. If it shows the /export/home is already mounted, then unmount / export/home and use the automount -v command again.

6. Start the YP service: 

# /usr/lib/netsvc/yp/ypstart

7. Configure the slave server as an NIS client first: 

# ypinit   - c

(Select n to avoid stopping the process in an error.)

Provide the name of the NIS master server. Press 'Ctrl + d' and then press 'y'.

8. Check the NIS database: 

# ypwhich  -m

Administering the NIS Users (on the Server)

Adding a New NIS User

Add a local user by means of the useradd command or admintool.

For example: 

# useradd  -s  /bin/bash  -d   /export/home/<username>  -m   <username>

# cd   /var/yp
# /usr/ccs/bin/make passwd

This command will add the user to the NIS database, and it pushes the database to all slave servers.

Deleting an NIS User

Here's how to delete an NIS user: 

# userdel   -r  <username>

For example: 

#  userdel  -r  test

# cd   /var/yp
# /usr/ccs/bin/make  passwd

Changing a User Password

Here's how a user can change his or her password.

Log in as an NIS user to a client machine, and use this command: 

% passwd -r nis

Provide the current password. The new password must differ by a minimum of three characters from the old one and must be alphanumeric.

Note: In case a user forgets his or her password, there are ways to recover it, but we recommend just assigning a new one.


Unconfiguring NIS on Master/Slave Server and Client

1. Stop the NIS service: 

# /usr/lib/netsvc/yp/ypstop

2. Remove the NIS configuration files: 

# cd  /etc
# cp nsswitch.files  nsswitch.conf
# rm defaultdomain
# cd /var/yp/bindings
# rm  -r <domainname>

3. Edit the automount configuration: 

# vi  /etc/auto_master

Comment the entry that is responsible for remote mount, or comment all entries.

4. Reboot the system: 

# reboot

 

The information and links on this page have been provided by a BigAdmin user. The submitter is solely responsible for such information and links. Sun is not responsible for the availability of external sites or resources, and does not endorse and is not responsible or liable for any content, advertising, products, or other materials on or available from such sites or resources. Sun will not be responsible or liable, directly or indirectly, for any actual or alleged damage or loss caused by or in connection with use of or reliance on the information posted here, or goods or services available on or through any external site or resource.

Unless otherwise licensed, code in all technical manuals herein (including articles, FAQs, samples) is provided under this License.


 BigAdmin
  
»  Search the HCL
 
BigAdmin Subscriptions
»   BigAdmin Newsletter
»   BigAdmin Blog
»   BigAdmin Wiki
»   RSS Feeds
Training and Certification
BigAdmin Areas
»   All Topics/Sections
»   Articles and FAQs
»   Blogs and Wikis
»   Discussions
»   Documentation
»   Features
»   From The Forums
»   HCL
»   Multilingual
»   Patches
»   Products and Tech
»   Resources
»   Scripts
»   Software/Tools
»   Solaris 10 Apps
»   ShellCmds
»   Submit Content
»   Suggestions
»   SysAdmin Jobs
»   SysAdmin Topics
»   Tech Tips
»   Videos
»   XPerts
BigAdmin Sun Center
»   Register Your System
»   Solaris Developer Center
»   Sun BluePrints
»   Support Center
»  Sun Doc Highlights
»  Sun Tech Days
»   Sun Advisory Panel for System Admins
BigAdmin Topics
»   DST
»   DTrace
»   Interoperability
»   Networking
»   Predictive Self-Healing
»   ZFS
»  Zones