32.3 Managing NIS

Previous page
Table of content
Next page
   

There are a number of day-to-day tasks in NIS management. Some of these tasks include updating NIS maps on master and slave servers, managing user accounts and passwords, and maintaining security. These tasks are discussed next .

Updating NIS Maps on the Master Server

NIS maps can be updated on the master server using the /var/yp/ypmake command. It reads ASCII files and regenerates the required NIS maps. For example, if you change the shell of a user in the /etc/passwd file, the following command updates the passwd.byname and passwd.byuid maps and pushes to slave NIS servers. 

 #  /var/yp/ypmake  For NIS domain testdom: Building the passwd map(s)... passwd build complete.    Pushing the passwd map(s):  passwd.byname  passwd.byuid The group map(s) are up-to-date. The hosts map(s) are up-to-date. The networks map(s) are up-to-date. The rpc map(s) are up-to-date. The services map(s) are up-to-date. The protocols map(s) are up-to-date. The netgroup map(s) are up-to-date. The aliases map(s) are up-to-date. The publickey map(s) are up-to-date. Building the netid map(s)... netid build complete.    Pushing the netid map(s):   netid.byname The auto_master map(s) are up-to-date. ypmake complete:  no errors encountered. #

Updating NIS Maps on a Slave Server

NIS maps from the master server are transferred to the slave server at the time of configuring the slave server. These maps should be updated periodically using the ypxfr command on all slave servers or the yppush command on the master server. The yppush command initiates the ypxfr command on slave servers, which then uses the ypxfrd daemon to transfer updated maps from the master server. These commands should be invoked using cron on a regular basis. The following command copies the passwd.byname map from the master server. 

 ypxfr passwd.byname

In addition to these two commands, NIS comes with scripts in the /var/yp directory that can be used with cron for the regular update of NIS maps on all clients . These scripts are preconfigured to update appropriate maps at regular time intervals.

ypxfr_1perhour This script should be invoked every hour .
ypxfr_1perday This should be invoked once per day.
ypxfr_2perday This should be invoked twice every day.

Sample cron entries for these scripts are as shown here. 

 1  *  *  *  *  /var/vp/ypxfr_1perhour 1  1  *  *  *  /var/vp/ypxfr_1perday 1  2,14  *  *  *  /var/vp/ypxfr_2perday

The first script is executed at the first minute of every hour. The second script is executed at the first minute of 1 a.m. every day. The third script is executed at the first minute of 2 a.m. and 2 p.m. every day.

Changing a Password on a Client

You can change a password on a client host in the normal way using the passwd command. When you use this command, it contacts the rpc.yppasswdd daemon on an NIS server. This daemon verifies the old password and updates its ASCII password file as well as the NIS maps. The old way of changing a password on an NIS server is through the use of the yppasswd command. Its use is similar to the passwd command. The following session is used to change the password for user boota on an NIS server using the yppasswd command. 

 #  yppasswd boota  Changing password for boota on NIS server Old NIS password: New password: Re-enter new password: NIS(YP) passwd/attributes changed on myhp, the master NIS server. #

If the user is not being administered by NIS and his or her login name and password resides in the local /etc/passwd file on the local system, the NIS server is not contacted and the change is made locally. Commands for changing a password use the rpc.yppasswdd daemon and can be executed on any NIS client machine.

Using rpcinfo

The rpcinfo command is used for troubleshooting purposes. It can be used to verify that an NIS server is running and responding to client's requests . The following command lists RPC services registered on NIS server myhp . 

 #  rpcinfo -s myhp  program version(s) netid(s)                         service     owner 100000  2,3,4     udp,tcp,ticlts,ticotsord,ticots  rpcbind     superuser 100024  1         tcp,udp                          status      superuser 100021  2,4,3,1   udp,tcp                          nlockmgr    superuser 100020  1         tcp,udp                          llockmgr    superuser 100068  5,4,3,2   udp                              cmsd        superuser 100083  1         tcp                              ttdbserver  superuser 100069  1         tcp,udp                          ypxfrd      superuser 100028  1         udp,tcp                          ypupdated   superuser 100029  2,1       ticots,ticotsord,ticlts          keyserv     superuser 100004  1,2       tcp,udp                          ypserv      superuser 100009  1         udp                              yppasswdd   superuser 100007  1,2       udp,tcp                          ypbind      sys #

Make sure that the NIS server processes are present in this list. To check the response of a particular service, you can send a request to it using the TCP or UDP protocol. The following command sends a UDP request to ypserv on host myhp . 

 #  rpcinfo -u myhp ypserv  program 100004 version 1 ready and waiting program 100004 version 2 ready and waiting #

The output of the command shows that ypserv is running and accepting requests at program number 100004. More information about rpcinfo is presented in the next chapter.

   
Top

Previous page
Table of content
Next page
HP Certified
HP Certified: HP-UX System Administration
ISBN: 0130183741
EAN: 2147483647
Year: 2000
Pages: 390
Authors: Rafeeq Rehman
BUY ON AMAZON
Oracle Developer Forms Techniques
Snort Cookbook
Microsoft WSH and VBScript Programming for the Absolute Beginner
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
.NET System Management Services
MPLS Configuration on Cisco IOS Software
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy