Fedora 26
Sponsored Link

Configure NIS Slave
2017/07/20
 
Configure NIS Slave Server to continue NIS service if NIS master server would be down.
+----------------------+          |          +----------------------+
| [    NIS Server    ] |10.0.0.30 | 10.0.0.31| [    NIS Client    ] |
|     dlp.srv.world    +----------+----------+     www.srv.world    |
|                      |          |          |                      |
+----------------------+          |          +----------------------+
+----------------------+          |
| [     NIS node01   ] |10.0.0.51 |
|    node01.srv.world  +----------+
|                      |
+----------------------+

[1]
[2] Install and Configure Ypserv on NIS Slave Server.
[root@node01 ~]#
dnf -y install ypserv rpcbind
[root@node01 ~]#
vi /var/yp/securenets
# create new (specify networks you allow to access)

255.0.0.0       127.0.0.0
255.255.255.0   10.0.0.0

[root@node01 ~]#
vi /etc/hosts
# add NIS master and slave

10.0.0.30   dlp.srv.world dlp
10.0.0.51   node01.srv.world node01

[root@node01 ~]#
systemctl start rpcbind ypserv ypxfrd yppasswdd

[root@node01 ~]#
systemctl enable rpcbind ypserv ypxfrd yppasswdd
# sync with NIS master server

[root@node01 ~]#
/usr/lib64/yp/ypinit -s dlp.srv.world

We will need a few minutes to copy the data from dlp.srv.world.
Transferring group.bygid...
Trying ypxfrd ... success
...
...
At this point, make sure that /etc/passwd and /etc/group have
been edited so that when the NIS is activated, the data bases you
have just created will be used, instead of the /etc ASCII files.
[3] If Firewalld is running, it needs to allow NIS services or ports. Some services listen different ports when they restart, so fix ports for them and allow them by Firewalld.
[root@node01 ~]#
vi /etc/sysconfig/network
# add to the end

YPSERV_ARGS="-p 944"
YPXFRD_ARGS="-p 945"
[root@node01 ~]#
vi /etc/sysconfig/yppasswdd
# add like follows

YPPASSWDD_ARGS="
--port 946
"
[root@node01 ~]#
systemctl restart rpcbind ypserv ypxfrd yppasswdd
[root@node01 ~]#
firewall-cmd --add-service=rpc-bind --permanent

[root@node01 ~]#
firewall-cmd --add-port={944/tcp,944/udp,945/tcp,945/udp,946/udp} --permanent

[root@node01 ~]#
firewall-cmd --reload

[4]
NIS master server is also required to be a NIS client. Configure NIS master server as a NIS Client, refer to here.
[5] Configure on NIS master server for new NIS Slave.
[root@dlp ~]#
vi /var/yp/Makefile
# line 23: change

NOPUSH=
false
# update NIS database

[root@dlp ~]#
/usr/lib64/yp/ypinit -m


At this point, we have to construct a list of the hosts which will run NIS
servers.  dlp.srv.world is in the list of NIS server hosts.  Please continue to add
the names for the other hosts, one per line.  When you are done with the
list, type a <control D>.
        next host to add:  dlp.srv.world
       
# specify NIS slave

        next host to add:
node01.srv.world

        next host to add:    
# Ctrl + D key

The current list of NIS servers looks like this:

dlp.srv.world
node01.srv.world

Is this correct? [y/n: y]
y

We need a few minutes to build the databases...
Building /var/yp/srv.world/ypservers...
...
...
Now you can run ypinit -s dlp.srv.world on all node01 server.
[6] Configure on NIS Client to bind NIS slave, too.
[root@www ~]#
vi /etc/yp.conf
# add slave server's setting to the end

domain srv.world server dlp.srv.world
domain srv.world server node01.srv.world
[root@www ~]#
systemctl restart ypbind
 
Tweet