NIS
This page contains historical information. It may be outdated or unreliable.
- This is now outdated. We no longer use NIS, or LDAP (for production shell), and manage user accounts and /home access with Puppet.
NIS (formerly YP) is a directory service for Unix databases (passwd, group, hosts, etc). it's like LDAP but more simpler and more limited. we are replacing LDAP with NIS.
we run the NIS server, ypserv, on srv1 (the master) and srv2. the NIS databases are in /var/yp. to make changes, edit ypfiles/* on srv1, and run "make" to rebuild the databases and update slaves.
Adding a user
For LDAP, adding the user on srv1 and running ldapsync seems sufficient. This doesn't appear to affect NIS.
- Edit /var/yp/ypfiles/passwd, group, and shadow and manually add the entries...
- sacrifice goat
- run 'make' in /var/yp
- profit!
Client setup
the NIS client is called ypbind, and runs on each server.
ubuntu:
- apt-get install nis
- edit /etc/yp.conf and add:
ypserver srv1.pmtpa.wmnet ypserver srv2.pmtpa.wmnet
- edit /etc/nsswitch.conf and change:
passwd: files nis group: files nis shadow: files nis
- make sure /etc/defaultdomain contains "pmtpa.wmnet"
- /etc/init.d/nis start
fedora:
- edit /etc/sysconfig/network:
NISDOMAIN=pmtpa.wmnet
- edit /etc/yp.conf and add:
ypserver srv1.pmtpa.wmnet ypserver srv2.pmtpa.wmnet
- edit /etc/nsswitch.conf and change:
passwd: files nis group: files nis
- chkconfig --level 2345 ypbind on
- /etc/init.d/ypbind start