Fedora 27
Sponsored Link

Configure NIS Server
2017/12/25
 
Configure NIS Server in order to share users' accounts in your local networks.
This example is based on the environment below. (SELinux is Permissive or Disabled)
+----------------------+          |          +----------------------+
| [    NIS Server    ] |10.0.0.30 | 10.0.0.31| [    NIS Client    ] |
|    dlp.srv.world     +----------+----------+     www.srv.world    |
|                      |                     |                      |
+----------------------+                     +----------------------+

[1] Configure NIS Server.
[root@dlp ~]#
dnf -y install ypserv rpcbind
# set NIS domain

[root@dlp ~]#
ypdomainname srv.world

[root@dlp ~]#
echo "NISDOMAIN=srv.world" >> /etc/sysconfig/network

[root@dlp ~]#
vi /var/yp/securenets
# set access control for NIS server

255.0.0.0       127.0.0.0
255.255.255.0   10.0.0.0

[root@dlp ~]#
vi /etc/hosts
# add NIS server and NIS client's IP address

10.0.0.30   dlp.srv.world dlp
10.0.0.31   www.srv.world www

[root@dlp ~]#
systemctl start rpcbind ypserv ypxfrd yppasswdd

[root@dlp ~]#
systemctl enable rpcbind ypserv ypxfrd yppasswdd
# update NIS database

[root@dlp ~]#
/usr/lib64/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS servers. dlp is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the
list, type a <control D>.
next host to add: dlp.srv.world

next host to add:
   
# Ctrl + D key

The current list of NIS servers looks like this:
dlp.srv.world
Is this correct? [y/n: y]
y
   
# y key and Enter

We need a few minutes to build the databases...
Building /var/yp/srv.world/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/srv.world'
Updating passwd.byname...
Updating passwd.byuid...
Updating shadow.byname...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/srv.world'
dlp.srv.world has been set up as a NIS master server.
Now you can run ypinit -s dlp on all slave server.
[2] It's neccessary to update NIS database with following way if a new user is added on local passwd.
[root@dlp ~]#
cd /var/yp

[root@dlp yp]#
[3] If Firewalld is running, it needs to allow NIS services or ports. Some services listen different ports when they restart, so fix ports for them and allow them by Firewalld.
[root@dlp ~]#
vi /etc/sysconfig/network
# add to the end

YPSERV_ARGS="-p 944"
YPXFRD_ARGS="-p 945"
[root@dlp ~]#
vi /etc/sysconfig/yppasswdd
# add like follows

YPPASSWDD_ARGS="
--port 950
"
[root@dlp ~]#
systemctl restart rpcbind ypserv ypxfrd yppasswdd
[root@dlp ~]#
firewall-cmd --add-service=rpc-bind --permanent

[root@dlp ~]#
firewall-cmd --add-port={944-951/tcp,944-951/udp} --permanent

[root@dlp ~]#
firewall-cmd --reload

 
Tweet