32.2 Configuring NIS

Previous page
Table of content
Next page
   

The configuration process of NIS involves at least one NIS master server and one or more NIS clients . The NIS server is an NIS client at the same time. During this process, startup files used for NIS are edited and daemon processes are started. The first step toward configuration is setting up an NIS domain name .

Setting Up an NIS Domain Name

The domainname command is used to set up an NIS domain. For example, the following command sets up testdom as an NIS domain. 

 domainname testdom

If the command is used without an argument, the current domain name is displayed. To set an NIS domain name every time the system boots, the following line is included in the /etc/rc.config.d/namesvrs file. 

 NIS_DOMAIN=testdom

NIS Startup Files

Server NIS processes are started at run level 2 using the /sbin/init.d/nis.server script. The client processes are started using the /sbin/init.d/nis.client script. Both of these scripts use variables in the /etc/rc.config.d/namesvrs file for their operation. This file contains a number of variables related to NIS, some of which are shown in Table 32-2.

Table 32-2. Configuration Variables for NIS
Variable Name Description
NIS_MASTER_SERVER Value 1 is assigned to this variable if this node is the master NIS server, 0 if not.
NIS_SLAVE_SERVER Value 1 is assigned to this variable if this node is a slave NIS server, 0 if not.
NIS_CLIENT Value 1 is assigned to this variable if this node is an NIS client, 0 if not. Both NIS master and slave servers must also be NIS clients.
NISDOMAIN This variable is used to set an NIS domain name (see the domainname(1) command).
MAX_NISCHECKS This variable shows the maximum number of bind attempts the NIS client will make.
YPSERV_OPTIONS Specifies command line options for ypserv .
YPBIND_OPTIONS Specifies command line options for ypbind .
YPPASSWDD_OPTIONS Specifies command line options for yppasswdd .
KEYSERV_OPTIONS Specifies command line options for keyserv .
YPUPDATED_OPTIONS Specifies command line options for ypupdated .
YPXFRD_OPTIONS Specifies command line options for ypxfrd .

The ypserv process is the NIS server daemon and ypbind is the NIS client daemon. The above-mentioned files can be edited to automatically start NIS at boot time. It must be noted that a server may be either a master NIS server or a slave NIS server, but not both. To enable a server either in master or slave mode, one of the NIS_MASTER_SERVER or NIS_SLAVE_SERVER variables should be set to 1 while editing this file. If a host is configured as the master NIS server, it must also be an NIS client at the same time.

Typical entries for our testdom NIS server are shown next . Here we have set the host to run as master server and client for domain name testdom . 

 NIS_MASTER_SERVER=1 NIS_SLAVE_SERVER=0 NIS_CLIENT=1 NIS_DOMAIN="testdom" MAX_NISCHECKS=2 YPPASSWDD_OPTIONS="/etc/passwd -m passwd PWFILE=/etc/passwd" YPUPDATED_OPTIONS="" YPXFRD_OPTIONS=""

NIS Daemons

NIS is an RPC-based service. If you are using HP-UX 10.20 or earlier, the portmap daemon must be running. For higher versions of HP-UX, portmap is replaced with the rpcbind daemon. These daemons are started during NFS startup, which is started before NIS starts. However, if the RPC daemon is not running, it is started during the NIS startup process. Other processes and daemons used for NIS are listed in Table 32-3. The files are found under the /usr/lib/netsvc/yp directory.

Table 32-3. NIS Daemons and Their Roles
Daemon Name Role
ypserv An NIS server process. It runs on both master and slave NIS servers. Its job is to listen to incoming requests and respond to them after consulting NIS maps.
rpc.yppasswdd Runs only on NIS master servers. When a user runs the yppasswd or passwd command to change a password, this daemon updates the password file used for building NIS password maps. It then updates the maps and pushes these to all slave servers.
ypxfrd Runs on master and slave NIS servers. Its function is to transfer maps between master and slave servers. It is placed in the /usr/sbin directory.
rpc.updated Runs on master NIS servers. This daemon is part of secure RPC. It provides a secure mechanism to update NIS source files on the master NIS server.
keyserv Runs on all machines. This is also a part of secure RPC and is used to keep encryption keys for all logged in users. It is found in the /usr/sbin directory.
ypbind The client process. It runs on all hosts taking part in the NIS domain. Client applications use ypbind to communicate to the ypserv process on the server.

Configuring the NIS Master Server

The configuration process of the master NIS server is carried out using the following steps.

  1. Create the NIS domain name. This is done through the domainname command as mentioned earlier in this chapter.

  2. Update all ASCII configuration files (not map files). The ASCII configuration files are /etc/passwd , /etc/ group , /etc/services , /etc/hosts , /etc/protocols , and others as mentioned in this chapter while listing NIS maps.

  3. Add /var/yp to PATH .

  4. Edit the /etc/rc.config.d/namesvrs file; it should contain at least the following lines. 

     NIS_MASTER_SERVER=1 NIS_CLIENT=1 NIS_DOMAIN=testdom

    The last line shows your domain name and should be set accordingly .

  5. Run the ypinit -m command to configure the server as the NIS master. A typical session for this command is as follows . This command creates a directory with the domain name in the /var/yp directory and creates NIS map files in it. It also asks you for a list of slave servers. If you are not using any slave server, just press the graphics/enter.gif key at this point. 

     #  ypinit -m  You will be required to answer a few questions to install the Network   Information Service. All questions will be asked at the beginning of this procedure. Do you want this procedure to quit on non-fatal errors? [y/n: n]  n  OK, but please remember to correct anything which fails. If you don't, some part of the system (perhaps the NIS itself) won't work. At this point, you must construct a list of the hosts which will be NIS    servers for the "testdom" domain. This machine, myhp, is in the list of Network Information Service servers. Please provide the hostnames of the slave servers, one per line. When you have no more names to add, enter a <ctrl-D> or a blank line.         next host to add:  myhp         next host to add: The current list of NIS servers looks like this: myhp Is this correct?  [y/n: y]  y  There will be no further questions. The remainder of the procedure should   take 5 to 10 minutes. Building the ypservers database... ypservers build complete. Running make in /var/yp: updated passwd updated group updated hosts updated networks updated rpc updated services updated protocols updated netgroup WARNING: writable directory /var/yp/testdom WARNING: writable directory /var/yp/testdom WARNING: writable directory /var/yp/testdom updated aliases updated publickey updated netid updated auto.master myhp has been set up as a master Network Information Service server without   any errors. If there are running slave NIS servers, run yppush(1M) now for any   databases which have been changed.  If there are no running slaves, run   ypinit on those hosts which are to be slave servers. #

  6. After finishing this process, you can either reboot your system or run the following two commands. 

     /sbin/init.d/nis.server start /sbin/init.d/nis.client start

    These two commands start server and slave processes on the master server.

Configuring an NIS Slave Server

The configuration process of a slave server is similar to the master server with few exceptions. The steps are as follows.

  1. Create an NIS domain name using the domainname command.

  2. Add /var/yp to PATH .

  3. Edit the /etc/rc.config.d/namesvrs file; it should contain at least the following lines. Here you have to enable a slave server instead of the master server. 

     NIS_SLAVE_SERVER=1 NIS_CLIENT=1 NIS_DOMAIN=testdom

  4. Run the ypinit -s myhp command to configure the slave server, where myhp is the name of the master server you have already configured.

  5. After finishing this process, you can either reboot your system or run the following two commands. 

     /sbin/init.d/nis.server start /sbin/init.d/nis.client start

Configuring an NIS Client

To configure an NIS client, follow these simple steps.

  1. Use the domainname command to set an NIS domain name.

  2. Edit the /etc/rc.config.d/namesvrs file such that it contains the following lines. 

     NIS_CLIENT=1 NIS_DOMAIN=testdom

  3. After finishing this process, you can either reboot your system or run the following command. 

     /sbin/init.d/nis.client start

Name Service Switch

HP-UX uses a number of sources of information. For example, a host name may be resolved using the /etc/hosts file, DNS, or NIS server. The /etc/nsswitch.conf file controls which service will be used for a particular type of information and in which order. For example, when a user logs into a computer, the following entry in this file shows how the process of user name and password verification will be carried out. 

 passwd:       files nis

This line shows that for password verification, local files ( /etc/passwd ) will be used first. If this method fails, then NIS will be used. A similar method is used for other types of information. A typical /etc/nsswitch.conf file is shown next. 

 passwd:       files nis group:        files nis hosts:        files dns networks:     nis [NOTFOUND=return] files protocols:    nis [NOTFOUND=return] files rpc:          nis [NOTFOUND=return] files publickey:    nis [NOTFOUND=return] files netgroup:     nis [NOTFOUND=return] files automount:    files nis aliases:      files nis services:     nis [NOTFOUND=return] files

When multiple sources are contacted for particular information, it may be precisely defined what to do when one of the sources fails. When contacted, a source returns one of the codes listed in Table 32-4.

Table 32-4. Return Codes
Status Code Meaning
SUCCESS Shows that the requested data base entry was found.
UNAVAIL Shows that the source is not responding or is corrupted. This may be due to a server down or network fault.
NOTFOUND Shows that there is no such entry available on the source.
TRYAGAIN Shows that the source is busy, and it may respond if you retry .

Depending on the status code, one of two decisions may be made. These two choices are as follows,

continue Try the next source in the list.
return Return and don't try the next source.

The following entry in the /etc/nsswitch.conf file tells the system not to try files if a request to resolve a network name returns the status code NOTFOUND from the NIS server. 

 networks:     nis [NOTFOUND=return] files

However, if a request to NIS returns the UNAVAIL status code, the local file ( /etc/networks ) will be tried to resolve the network address.

Testing NIS Configuration

After configuring an NIS server (which is also an NIS client), first check the domain name directory /var/yp/testdom to verify that map files are created in this directory. If the files are there, use the ypcat command to list a few of these maps. For example, the following command lists maps for user names and passwords. 

 #  ypcat passwd.byname  root:BCRwpNgfFq3Zc:0:3::/:/sbin/sh daemon:*:1:5::/:/sbin/sh bin:*:2:2::/usr/bin:/sbin/sh sys:*:3:3::/: adm:*:4:4::/var/adm:/sbin/sh uucp:*:5:3::/var/spool/uucppublic:/usr/lbin/uucp/uucico lp:*:9:7::/var/spool/lp:/sbin/sh nuucp:*:11:11::/var/spool/uucppublic:/usr/lbin/uucp/uucico hpdb:*:27:1:ALLBASE:/:/sbin/sh nobody:*:-2:-2::/: www:*:30:1::/: dba:D2aLVIizQMwI6:102:101:,,,:/home/dba:/usr/bin/sh boota:VUj3GoygfBOvA:103:20:,,,:/home/boota:/usr/bin/sh #

If you see an output like this, your client and server are correctly configured. Try the same command on some other client on the network.

Some utilities that can be used with NIS are listed in Table 32-5.

Table 32-5. NIS Utilities
Name Function
ypcat Displays NIS maps
ypinit Builds and installs NIS map files
ypmake Rebuilds NIS tables
ypmatch Matches and lists particular values in NIS tables
ypset Binds NIS clients to particular NIS servers
ypwhich Shows host names of NIS servers

Study Break

Configuring an NIS Server and Client

You have now learned how to configure an NIS server and clients. You know that an NIS server is also used as an NIS client. Let's configure both an NIS server and client on an HP-UX machine. Use the domainname command to set mynis as the domain name. Use the ypinit -m command to configure an NIS server. Use the cd command to go to the /var/yp directory. You should find a subdirectory with the name mynis . List the files in this directory using the ll command and you will find a number of NIS map files. Use the following commands to start the NIS server. 

 /sbin/init.d/nis.server start /sbin/init.d/nis.client start

Now list the running processes using the ps command. You should find NIS server daemons running. Start the NIS client using the following command. 

 /sbin/init.d/nis.client start

Use the following command to verify that both NIS client and server are working properly. 

 ypcat passwd.byname
   
Top

Previous page
Table of content
Next page
HP Certified
HP Certified: HP-UX System Administration
ISBN: 0130183741
EAN: 2147483647
Year: 2000
Pages: 390
Authors: Rafeeq Rehman
BUY ON AMAZON
ERP and Data Warehousing in Organizations: Issues and Challenges
Building Web Applications with UML (2nd Edition)
Data Structures and Algorithms in Java
Twisted Network Programming Essentials
InDesign Type: Professional Typography with Adobe InDesign CS2
Lean Six Sigma for Service : How to Use Lean Speed and Six Sigma Quality to Improve Services and Transactions
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy