Thursday, February 24, 2011

How to install and configure NIS server, client and NIS slave machine?

How to install and configure NIS server, client and NIS slave machine?

Lets first configure NFS server and client :-

NFS server installation and configuration(For NFSv2 and 3) :

Environment : RHEL 5

--------
1. #yum install nfs-utils
--------
The nfs-utils package provide a daemon for the kernel NFS server and related tools. The daemons are "portmap", "nfslock" and "nfs". Once installation is complete, please do the following :

2. Service start :
--------
#service portmap start
#service nfslock start
#service nfs start
#chkconfig portmap on
#chkconfig nfslock on
#chkconfig nfs on
--------

3. modify /etc/exports file, add following lines into it. Note that /home will be exported to all from the server.

-------
/home *(rw,sync,all_squash)
-------

4. Execute the following command to export without restarting the service :

------
#exportfs -va
------

5. Check whether it has exported or not :

------
#showmount -e
------

6. Check status and daemons :

-------
#nfsstat
#rpcinfo -p localhost
-------

NFS client setup and configuration :

1. Install nfs-utils on client like :

----
#yum install nfs-utils
----

Here necessary daemons are portmap and nfslock.

2. Start them and make chkconfig:

-----
#service portmap start
#service nfslock start
#chkconfig portmap on
#chkconfig nfslock on
-----

3. Check NFS server from the client :

------
#showmount -e nfs_server_IP
------

4. mount -t nfs nfs_server_IP:/home /home

Note that last /home is a directory on the client machine and forst :/home on the NFS server and that has been mounted.

Thats't it. Now create any file inside the /home on NFS server and check the /home on client. It will be created.

======================

Note : autofs has been introduced to make automount the NFS shared directory. This is basically a daemon which calls the binary automount to automatically mount the remote drive. If you configure this daemon additionally you don't need to manualy mount the directory. Here are the steps to configure that daemon :

On client machine :
------
1. #yum install autofs
------

2. vi /etc/auto.master and add the following line (This is an example on my m/c)

------
/home /etc/auto.home --timeout 600
------

3. vi /etc/auto.home //Note that naming will be like that (starting with auto.somthing)

-----
* -fstype=nfs,soft,intr,rsize=8192,wsize=8192,nosuid,tcp IP_of_NFS_server:/home/&
-----

here "*" is subdirectory or key value that will be mounted to /home/& (ie auto temorary created user home). As an example mapping will be like :

NFS_server_IP:/home/user_on_nfs_server to /home/user_on_nfs_client with the above options.

4. That's it. Save the file and restart and chkconfig the autofs like :

-----
#service autofs restart
#chkconfig autofs on
-----

That's it.

=======================
For NFSv4 : You need to install following packages on the NFS server :

On server continuing...
1.
----
nfs-utils
portmap
nfs4-acl-tools
----

Install them using yum like

----
#yum install nfs-utils nfs4-acl-tools portmap
----

2. Use the option fsid=0 in the /etx/exports file. Export a directory over NFS v4. NFSv4 has a concept of a root of the overall exported filesystem. The export point exported with fsid=0 will be used as this root.For example, if you got /sales/mumbai, /sales/pune subdir, then client would see them as /mumbai and /pune directory. Please note that this can only export one directory with the fsid=0 option.

Start NFS service as above.

On NFSv4 Client Configuration :

1. mount the remote directory using file type : -t nfs4 like > mount -t nfs4 servername:/home /home

These are the difference with NFSv3 and 4.

And NFSv4 has following advantages :

1. Performance improvements
2. Mandates security and ACL
3. NFS v4 by default works over TCP s
4. Easy to setup firewall option

======================

Installing and configuring NIS server :

1. Install following packages on NIS server like :

----
#yum -y install ypserv ypbind portmap yp-tools
----

2. Edit /etc/sysconfig/network File

----
NISDOMAIN="vm156.gsslab.pnq.example.com"
----

3. Edit /etc/yp.conf File

----
ypserver 127.0.0.1
----

4. Start The Key NIS Server Related Daemons :

-----
#for i in portmap yppasswdd ypserv ; do service $i start; chkconfig $i on; done
-----

5. Check the daemons :

-----
#rpcinfo -p localhost
-----

6. Initialize NIS Domain :

-----
#updatedb; locate ypinit
#/usr/lib64/yp/ypinit -m
-----

Press Ctrl+D and press "y".

7. Start The ypbind(For making bind with the client) and ypxfrd(For making mapping more faster) Daemons :

------
#service ypbind start
#service ypxfrd start
#chkconfig ypbind on
#chkconfig ypxfrd on
------

8. Check the daemons whether they are running : #rpcinfo -p localhost
9. Adding New NIS Users on NIS server :

------
#useradd -g mynisgroup mynisuser
#passwd mynisuser
#cd /var/yp; make
------

here make will update the authentication files of the NIS.

10. Check to see if the user's authentication information has been updated by using the ypmatch command like : ypmatch mynisuser passwd; getent passwd mynisuser

-------------------------

Configuring The NIS Client :

1. Install following packages on the client machine.

----
ypbind
yp-tools
----

2. execute the command :

----
#authconfig-tui
----

Go to NIS authentication and press TAB key to select it. Then press NEXT. Now it'll ask for NISDOMAIN and IP of th NIS server. Provide these here and press OK.

3. Make sure following files has been updated like :
/etc/yp.conf , /etc/sysconfig/network and /etc/nsswitch.conf

Example on my system :

------
[root@vm91 yp]# cat /etc/yp.conf |grep domain
domain vm156.gsslab.pnq.example.com server 10.65.211.156
[root@vm91 yp]#
------
[root@vm91 yp]#cat /etc/sysconfig/network
NISDOMAIN=vm156.gsslab.pnq.example.com
[root@vm91 yp]#

[root@vm91 yp]# cat /etc/nsswitch.conf|egrep "group|passwd|shadow"
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files nis
shadow: files nis
group: files nis
netgroup: files nis
[root@vm91 yp]#

4. Start The NIS Client Related Daemons :

------
#service portmap start
#service ypbind start
#chkconfig ypbind on
#chkconfig portmap on
------

5. Verify Name Resolution of the hostname :
vi /etc/hosts
------
IP_of_NIS_server hostname_name_of_NIS_server
IP_of_NIS_client hostname_name_of_NIS_client
------

6. Testing NIS server from NIS client : Execute follwoign command which will give correct o/p :

-----
#ypcat passwd
-----

Like :

[root@vm91 yp]# ypcat passwd
mynisuser:$1$R5H0B1OS$iunkOZOibH097ohZlOOsT0:500:100::/home/mynisuser:/bin/bash
[root@vm91 yp]#

7. Finally access the account from NIS client :

Logging In Via SSH
-----
#ssh -l mynisuser IP_of_NIS_client //client will access nis server and mount the home directory of the user.
-----

You'll see home directory has been mounted to the client machine.

That's it.

================

NIS slave configuration :

1. Install follwoing packages on slave machine :

-----
ypserv
ypbind
portmap
yp-tools
-----

2. On NIS master : vi /etc/hosts and add NIS slave IP and name

-----
slave_IP slave_host_name
-----

3. On NIS slave : vi /etc/hosts and add NIS master IP and name

------
NIS_master_IP master_name
------

4. On both master and slave following file content will be same :

cat /etc/yp.conf
-----
ypserver 127.0.0.1
-----
cat /etc/sysconfig/network

----
NISDOMAIN="nis_domain_name"
----

5. Run following daemon like :

-----
#for i in portmap ypbind ypxfrd ; do service $i start; chkconfig $i on; done
-----

6. Test database query from slave to master like :

------
#ypwhich -m
------

You'll get like :

-----
[root@vm91 yp]# ypwhich -m
mail.aliases vm156.gsslab.pnq.example.com
ypservers vm156.gsslab.pnq.example.com
hosts.byaddr vm156.gsslab.pnq.example.com
group.byname vm156.gsslab.pnq.example.com
netid.byname vm156.gsslab.pnq.example.com
rpc.byname vm156.gsslab.pnq.example.com
group.bygid vm156.gsslab.pnq.example.com
passwd.byname vm156.gsslab.pnq.example.com
protocols.bynumber vm156.gsslab.pnq.example.com
passwd.byuid vm156.gsslab.pnq.example.com
rpc.bynumber vm156.gsslab.pnq.example.com
services.byservicename vm156.gsslab.pnq.example.com
protocols.byname vm156.gsslab.pnq.example.com
hosts.byname vm156.gsslab.pnq.example.com
services.byname vm156.gsslab.pnq.example.com
[root@vm91 yp]#
-----

7. Download initial db from master :

----
#/usr/lib64/yp/ypinit -s IP_nis_master
----

8. Now that the data has been successfully downloaded, it's time to make the slave server serve NIS clients with ypserv.

-----
#service ypserv start
-----

9. Go to nis master and vi /var/yp/ypservers. add the slave name or ip like :

-----
[root@vm156 mynisuser]# cat /var/yp/ypservers
vm156.gsslab.pnq.example.com
vm91.gsslab.pnq.example.com
[root@vm156 nisuser]#
-----

10 Do followings on master :

-----
#cd /var/yp
#cp Makefile Makefile.old
#vi /var/vp/Makefile and set following :
NOPUSH=false
#make
-----

Here make command automatically pushes database updates to the servers listed in the /var/yp/servers file.

11. set cron to sync the slave with master like :

-----
vi /etc/cron.d/nis_sync

20 * * * * /usr/lib64/yp/ypxfr_1perhour
40 6 * * * /usr/lib64/yp/ypxfr_1perday
55 6,18 * * * /usr/lib64/yp/ypxfr_2perday
-----

12 Atlast configure all the clients with the slave as well as master:

like :

----
Edit the /etc/yp.conf file on all the clients to include nisslave, and restart ypbind.

domain nis_domain_name server nis_master_ip
domain nis_domain_name server nis_slave_ip
-----

#service ypbind restart.

that's all.....

Client can change their password using the command : yppasswd

No comments:

Post a Comment