NIS

NIS



Consistent configuration across the

network

Why NIS?

• Primary reason is to provide same user

configuration across the network

• Users go any machine and log in with the

same password

• NOT a means of mounting files… that is

NFS

Problem



User changes Workstation

Password







Workstation









Workstation

Problem



Workstation





User tries

to login Workstation FAILURE!

w/new

password





Workstation

Solution:

Centralized management

User changes Workstation Stored on server

Password



NIS Server

Workstation







Workstation

Solution:

Centralized management

Workstation





User tries Ask server NIS Server

to login Workstation

w/new

Login succeeds

password





Workstation SUCCESS!

OK, but is that all?

• NO. It’s just the most important function.

• More generally it allows centralization of

many configuration parameters.

• Providing a server allows for storing the

info in a single place w/ single copy.

• Must tell server what to share

• Must tell clients what to ask

• Understanding NIS requires knowing what

it handles and what it doesn’t handle!

Who Can See It?

• Originally on a network segment

• Typically local

• Servers can be hard-coded or broadcast

• Security issues for

– Broadcasting

– Passwords for logging in

• Used by machines in the NIS domain

– Not the same as a DNS domain but could have the same

name

What else does it handle?

• Users, passwords,groups

• Mail aliases

• Host name/ip mapping like dns

• Boot parameters

• Printer definitions

• And others

• You can pick and choose which to provide

How are these functions similar?



user encrypted password









hostname ip address









Both are simply mapping functions!

Main Components

• A server and its configuration

– ypserv

– yp.conf

• Client configuration

– ypbind

– nsswitch.conf

• Rpc portmapper running

• A domain defined

• Database files

• Option slave servers for redundancy

Setting up the server

• Make sure “rpc” is running ypserv (likely)

– rpcinfo -u localhost ypserv

– It will report versions running

• Generate the database files

– /usr/lib/yp/ypinit -m

• Update as necessary by

– Changing files

– In /var/yp, run “make”

• If using network passwords, run rpc.yppasswd

Generating database files

• Can be tricky

• Each separate function should be addressed

as the nuances are different.

• E.g. “dns’ function is used for NIS domain

but regular DNS must be available for the

outside world

• E.g. “password”s can be served some

locally and some centrally

Setting up the client

• Define the location of server in /etc/yp.conf

• Use “domainname” to set machine domain

– Same as in server

• Run rpcinfo -p localhost looking for

ypbind and portmapper

• Create /var/yp directory if necessary

• Modify nsswitch.conf to use the nis service