Date: Tue, 3 Mar 1998 11:54:52 -0800 From: Ian Field <ifield@mstk.com> To: "'Derek Laufenberg'" <laufen@wi.net> Cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@FreeBSD.ORG> Subject: RE: NIS Implementation Message-ID: <411B07D1F591D111928500A0C985DE2E01FF08@alpha.mstk.com>
next in thread | raw e-mail | index | archive | help
Derek,
Thanks for the help, I have a couple followup questions:
1) What should be the syntax of the /var/yp/servers file?
2) on clients: add + to end of filenames? (i.e. hosts+) or on
the last line of the file itself?
3) also, for NFS (which is installed and working) how do I
automount dirs at boot?
Thanks again - once you respond I will let you know how it all works...
Ian Field
ifield@mstk.com
-----Original Message-----
From: Derek Laufenberg [mailto:laufen@wi.net]
Sent: Monday, March 02, 1998 9:04 PM
To: Ian Field; freebsd-questions@freebsd.org
Subject: Re: NIS Implementation
The NIS isn't trival, but there are a few things which must be done.
On the server:
1) create a /var/yp/master.passwd with entries for each user
2) create /var/yp/servers with name of the server or servers
(I dont think this should be blank)
3) create /var/yp/securenets file (optional but good idea)
here is an example:
#allow local address and all hosts on internal net
10.xxxx
127.0.0.1 255.255.255.255
10.0.0.0 255.0.0.0
4) do a 'make' in /var/yp
5) In /etc/rc.conf on server:
nisdomainname="barnyard.foo" # Set to NIS domain if using NIS (or
NO).
...
# Network Information Services (NIS) options: ###
nis_client_enable="YES" # We're an NIS client (or NO).
nis_client_flags="" # Flags to ypbind (if enabled).
nis_ypset_enable="" # Run ypset at boot time (or NO).
nis_ypset_flags="" # Flags to ypset (if enabled).
nis_server_enable="YES" # We're an NIS server (or NO).
nis_server_flags="" # Flags to ypserv (if enabled).
nis_ypxfrd_enable="NO" # Run rpc.ypxfrd at boot time (or NO).
nis_ypxfrd_flags="" # Flags to rpc.ypxfrd (if enabled).
nis_yppasswdd_enable="YES" # Run rpc.yppasswdd at boot time (or
NO).
nis_yppasswdd_flags="-s -f" # Flags to rpc.yppasswdd (if enabled).
6) Server should be up on with the next reboot.
On the Client side:
1) add + to end of /etc/hosts - not sure if this is
needed???Anyone???
2) add +::: to end of /etc/group
3) vipw and add +::::::::: to end of password file
4) allow NIS and disable bind in /etc/host.conf
The NIS server will do the DNS lookup for the client.
5) in etc/rc.conf on client:
nisdomainname="barnyard.foo" # Set to NIS domain if using NIS (or
NO).
...
# Network Information Services (NIS) options: ###
nis_client_enable="YES" # We're an NIS client (or NO).
nis_client_flags="" # Flags to ypbind (if enabled).
nis_ypset_enable="NO" # Run ypset at boot time (or NO).
nis_ypset_flags="" # Flags to ypset (if enabled).
nis_server_enable="NO" # We're an NIS server (or NO).
nis_server_flags="" # Flags to ypserv (if enabled).
nis_ypxfrd_enable="NO" # Run rpc.ypxfrd at boot time (or NO).
nis_ypxfrd_flags="" # Flags to rpc.ypxfrd (if enabled).
nis_yppasswdd_enable="NO" # Run rpc.yppasswdd at boot time (or
NO).
nis_yppasswdd_flags="" # Flags to rpc.yppasswdd (if enabled).
You must also make sure the clients are using the same libcrypt files.
Look
in /usr/lib and make sure. I think the default is MD5, but if you want
to
allow Sun machines in your domain, then use DES.
On each of the machine, I only have a few entries in the
/etc/master.passwd file.
Them being root and the NIS entry +::::::::. All the others are kept on
the
NIS server.
This server also serves the NFS files systems for /home, /usr, and
/spare.
All accounts go on /home/user. THe /usr partition get mounted on all
the
clients and symlinks point to stuff like man pages and /usr/local stuff.
This
saves a lot of disk space. on the clients. Some erformance hits are
taken, but
maintance is much simpler.
I think that covers everything. Try it and let us know.
Derek Laufenberg
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?411B07D1F591D111928500A0C985DE2E01FF08>