Date: Tue, 3 Mar 1998 11:54:52 -0800 From: Ian Field <ifield@mstk.com> To: "'Derek Laufenberg'" <laufen@wi.net> Cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@FreeBSD.ORG> Subject: RE: NIS Implementation Message-ID: <411B07D1F591D111928500A0C985DE2E01FF08@alpha.mstk.com>
next in thread | raw e-mail | index | archive | help
Derek, Thanks for the help, I have a couple followup questions: 1) What should be the syntax of the /var/yp/servers file? 2) on clients: add + to end of filenames? (i.e. hosts+) or on the last line of the file itself? 3) also, for NFS (which is installed and working) how do I automount dirs at boot? Thanks again - once you respond I will let you know how it all works... Ian Field ifield@mstk.com -----Original Message----- From: Derek Laufenberg [mailto:laufen@wi.net] Sent: Monday, March 02, 1998 9:04 PM To: Ian Field; freebsd-questions@freebsd.org Subject: Re: NIS Implementation The NIS isn't trival, but there are a few things which must be done. On the server: 1) create a /var/yp/master.passwd with entries for each user 2) create /var/yp/servers with name of the server or servers (I dont think this should be blank) 3) create /var/yp/securenets file (optional but good idea) here is an example: #allow local address and all hosts on internal net 10.xxxx 127.0.0.1 255.255.255.255 10.0.0.0 255.0.0.0 4) do a 'make' in /var/yp 5) In /etc/rc.conf on server: nisdomainname="barnyard.foo" # Set to NIS domain if using NIS (or NO). ... # Network Information Services (NIS) options: ### nis_client_enable="YES" # We're an NIS client (or NO). nis_client_flags="" # Flags to ypbind (if enabled). nis_ypset_enable="" # Run ypset at boot time (or NO). nis_ypset_flags="" # Flags to ypset (if enabled). nis_server_enable="YES" # We're an NIS server (or NO). nis_server_flags="" # Flags to ypserv (if enabled). nis_ypxfrd_enable="NO" # Run rpc.ypxfrd at boot time (or NO). nis_ypxfrd_flags="" # Flags to rpc.ypxfrd (if enabled). nis_yppasswdd_enable="YES" # Run rpc.yppasswdd at boot time (or NO). nis_yppasswdd_flags="-s -f" # Flags to rpc.yppasswdd (if enabled). 6) Server should be up on with the next reboot. On the Client side: 1) add + to end of /etc/hosts - not sure if this is needed???Anyone??? 2) add +::: to end of /etc/group 3) vipw and add +::::::::: to end of password file 4) allow NIS and disable bind in /etc/host.conf The NIS server will do the DNS lookup for the client. 5) in etc/rc.conf on client: nisdomainname="barnyard.foo" # Set to NIS domain if using NIS (or NO). ... # Network Information Services (NIS) options: ### nis_client_enable="YES" # We're an NIS client (or NO). nis_client_flags="" # Flags to ypbind (if enabled). nis_ypset_enable="NO" # Run ypset at boot time (or NO). nis_ypset_flags="" # Flags to ypset (if enabled). nis_server_enable="NO" # We're an NIS server (or NO). nis_server_flags="" # Flags to ypserv (if enabled). nis_ypxfrd_enable="NO" # Run rpc.ypxfrd at boot time (or NO). nis_ypxfrd_flags="" # Flags to rpc.ypxfrd (if enabled). nis_yppasswdd_enable="NO" # Run rpc.yppasswdd at boot time (or NO). nis_yppasswdd_flags="" # Flags to rpc.yppasswdd (if enabled). You must also make sure the clients are using the same libcrypt files. Look in /usr/lib and make sure. I think the default is MD5, but if you want to allow Sun machines in your domain, then use DES. On each of the machine, I only have a few entries in the /etc/master.passwd file. Them being root and the NIS entry +::::::::. All the others are kept on the NIS server. This server also serves the NFS files systems for /home, /usr, and /spare. All accounts go on /home/user. THe /usr partition get mounted on all the clients and symlinks point to stuff like man pages and /usr/local stuff. This saves a lot of disk space. on the clients. Some erformance hits are taken, but maintance is much simpler. I think that covers everything. Try it and let us know. Derek Laufenberg To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?411B07D1F591D111928500A0C985DE2E01FF08>