Using NIS

Contents

3.1. Configuring NIS Servers
3.2. Configuring NIS Clients

Abstract

As soon as multiple UNIX systems in a network want to access common resources, it becomes imperative that all user and group identities are the same for all machines in that network. The network should be transparent to users: their environments should not vary, regardless of which machine they are actually using. This can be done by means of NIS and NFS services. NFS distributes file systems over a network and is discussed in Kapitel Verteilte Nutzung von Dateisystemen mit NFS (↑Referenz).

NIS (Network Information Service) can be described as a database-like service that provides access to the contents of /etc/passwd, /etc/shadow, and /etc/group across networks. NIS can also be used for other purposes (making the contents of files like /etc/hosts or /etc/services available, for example), but this is beyond the scope of this introduction. People often refer to NIS as YP, because it works like the network's yellow pages.

Configuring NIS Servers

To distribute NIS information across networks, you can either have one single server (a master) that serves all clients, or you can have NIS slave servers requesting this information from the master and relaying it to their respective clients.

Configuring a NIS Master Server

To configure a NIS master server for your network, proceed as follows:

  1. Start YaST+Network Services+NIS Server. If the module is not there, install the package yast-nis-server.

  2. Select Create NIS Master Server and proceed with Next.

  3. Determine basic NIS setup options:

    1. Enter the NIS domain name.

    2. Define whether the host should also be a NIS client (enabling users to log in and access data from the NIS server) by selecting This Host is also a NIS Client.

    3. If your NIS server needs to act as a master server to NIS slave servers in other subnets, select Active Slave NIS Server Exists.

      The option Fast Map Distribution is only useful in conjunction with Active Slave NIS Servers Exist. It speeds up the transfer of maps to the slaves.

    4. Select Allow Changes to Passwords to allow users in your network (both local users and those managed through the NIS server) to change their passwords on the NIS server (with the command yppasswd). This makes the options Allow Changes to GECOS Field and Allow Changes to Login Shell available. GECOS means that the users can also change their names and address settings with the command ypchfn. SHELL allows users to change their default shell with the command ypchsh (for example, to switch from bash to sh). The new shell must be one of the predefined entries in /etc/shells.

    5. Select Open Port in Firewall to have YaST adapt the firewall settings for the NIS server.

      Figure 3.1. Master Server Setup

      Master Server Setup

    6. Leave this dialog with Next or click Other Global Settings to make additional settings.

      Other Global Settings include changing the source directory of the NIS server (/etc by default). In addition, passwords can be merged here. The setting should be Yes to create the user database from the system authentification files /etc/passwd, /etc/shadow, and /etc/group. Also, determine the smallest user and group ID that should be offered by NIS. Click OK to confirm your settings and return to the previous screen.

  4. If you previously enabled Active Slave NIS Server Exists, enter the hostnames used as slaves and click Next.

  5. If you do not use slave servers, the slave configuration is skipped and you continue directly to the dialog for the database configuration. Here, specify the Maps, the partial databases to transfer from the NIS server to the client. The default settings are usually adequate. Leave this dialog with Next.

  6. Check which maps should be available and click Next to continue.

  7. Determine which hosts are allowed to query the NIS server. You can add, edit, or delete hosts by clicking the appropriate button. Specify from which networks requests can be sent to the NIS server. Normally, this is your internal network. In this case, there should be the following two entries:

    255.0.0.0     127.0.0.0
    0.0.0.0       0.0.0.0
         

    The first entry enables connections from your own host, which is the NIS server. The second one allows all hosts to send requests to the server.

  8. Click Finish to save your changes and exit the setup.

Configuring a NIS Slave Server

To configure additional NIS slave servers in your network, proceed as follows:

  1. Start YaST+Network Services+NIS Server.

  2. Select Create NIS Slave Server and click Next.

  3. Complete the basic setup of your NIS slave server:

    1. Enter the NIS domain.

    2. Enter hostname or IP address of the master server.

    3. Set This Host is also a NIS Client if you want to enable user logins on this server.

    4. Adapt the firewall settings with Open Ports in Firewall.

    5. Click Next.

  4. Enter the hosts that are allowed to query the NIS server. You can add, edit, or delete hosts by clicking the appropriate button. Specify from which networks requests can be sent to the NIS server. Normally, this is all hosts. In this case, there should be the following two entries:

    255.0.0.0     127.0.0.0
    0.0.0.0       0.0.0.0
         

    The first entry enables connections from your own host, which is the NIS server. The second one allows all hosts with access to the same network to send requests to the server.

  5. Click Finish to save changes and exit the setup.