Revision as of 17:00, 14 April 2012

NIS or Network Information Services is a simple - and insecure - way of making Single Sign On in a cluster of UNIX/Linux machines. Very useful in a closed network.

Originally NIS was called YP - Yellow Pages - and the acronyms YP and NIS are used.

There are up to three roles in a NIS installation

Master server

The master server - shares files to slaves and clients. For example the passwd and group file

Slave server(s)

Maintain copies of the Master Server shared files. Provides redundancy and load balancing

Clients

Use the shared files - for example for single sign on. Users added on the master server

Installation of the master server

Add the following line to /etc/hosts.allow. (In this case master,slaves and clients lives in the 10.222.0.0/24 network)

portmap ypserv ypbind: 10.222.0.0/255.255.255.0

Install NIS. You will be asked to enter the domain name. The domain name is not the DNS domain name - but a unique name for the the cluster of machines sharing the same information. (I use the DNS domain name - one less thing to remember)

apt-get install portmap nis

• Edit /etc/default/nis and set the NISSERVER line to NISSERVER = master
• Edit /etc/yp.conf and add a server line of the form: (Note my domain-name is c1.local)

domain c1.local server 127.0.0.1

• Edit /etc/ypserv.securenets remove the 0.0.0.0 line - insecure - and add your net/nets

Installation on the clients

Install the software

sudo apt-get install portmap nis

run the following commands. Remember to change the IP address of the NIS_SERVER_IP to your NIS servers IP address.

echo "portmap : <notice>NIS_SERVER_IP</notice> >> /etc/hosts.allow
echo "+::::::" >> /etc/passwd
echo "+:::" >> /etc/group
echo "+::::::::" >> /etc/shadow
echo "ypserver <notice>NIS_SERVER_IP</notice> >> /etc/yp.conf
/etc/init.d/nis restart

Test with

yptest

links

• https://help.ubuntu.com/community/SettingUpNISHowTo