Thursday, December 30, 2010

How to configure NIS master server

Use the steps below to configure a host as an NIS master server. Remember that you can have only one master server in your domain. The master server holds the original ASCII files that are used to create the NIS maps, and it propagates the NIS maps to all slave servers.
  1. Create the /var/yp/securenets file on your NIS master server. This file restricts which hosts can access the NIS service provided by this master server. In this example, the NIS service can be accessed by the NIS master server itself, all hosts in 192.168.1.2/24, and the host with IP address 10.10.10.1.
    # vi /var/yp/securenets
    host 127.0.0.1
    255.255.255.0 192.168.1.2
    host 10.10.10.1
  2. Set the NIS domain on your host.
    # vi /etc/defaultdomain
    sun.com
    # domainname sun.com
  3. Build the NIS maps.
    Your NIS maps need at least 3 kinds of files, e.g. /etc/passwd, /etc/group and /etc/hosts. Collect these 3 kinds of files from all hosts that are in the same domain as the NIS server.
    Make a new passwd file that contains all records from all the passwd files you have collected. Delete all root records from your new passwd file. Store this new passwd file in /var/yp; it will be used as the passwd map.
    Make a new group file and a new hosts file in the same way, containing all records from all the group and hosts files you have collected. Store the new group and hosts files in /var/yp; they will be used as the group map and hosts map.
    For security, also collect /etc/shadow from all hosts in the same domain. Create a passwd.adjunct file that combines all records from the /etc/shadow files. Delete all root records from your passwd.adjunct file.
    Put the passwd.adjunct file in /var/yp/security, then edit the all section of your /var/yp/Makefile to include passwd.adjunct (see step 4).
  4. Optionally, you can also collect and combine the other /etc files, e.g. /etc/timezone, /etc/netgroup, /etc/ethers, /etc/bootparams, /etc/netmasks and many more. The all section in /var/yp/Makefile lists every /etc file that can be configured this way.
    # vi /var/yp/Makefile
    ...
    all: passwd group hosts ipnodes ethers networks rpc services protocols \
    netgroup bootparams aliases publickey netid netmasks c2secure \
    timezone auto.master auto.home ageing \
    auth.attr exec.attr prof.attr user.attr audit.user passwd.adjunct
    ...
  5. Edit the file /var/yp/Makefile.
    Set the DIR, PWDIR and INETDIR parameters to /var/yp.
  6. Modify your /etc/inet/hosts file to include the IP address and hostname of all NIS slave servers and NIS clients.
  7. Initialize your system as the NIS master server. When the system prompts for the list of NIS slave servers, enter the names of all NIS slave servers.
    # ypinit -m
  8. Modify your /etc/nsswitch.conf to include NIS. For instance, copy it from the /etc/nsswitch.nis file.
    # cp /etc/nsswitch.nis /etc/nsswitch.conf
  9. Start the NIS master server service and test NIS.
    # svcadm enable svc:/network/nis/server:default
    # ypcat passwd
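
The merge in step 3 (combine the collected files, drop every root record) can be scripted rather than done by hand. The following is an added example, not part of the original post: `merge_map` is a hypothetical helper name, and the sample records and temporary paths are constructed for the demo. It also reports accounts whose records differ between hosts, which a manual merge tends to miss.

```shell
#!/bin/sh
# Added example: merge collected passwd- or shadow-style files (colon
# separated, account name in field 1) into one NIS source file.

# merge_map OUT FILE...
# Keeps the first record seen for each name, drops every "root" record,
# and reports names whose records differ between input files on stderr.
# New output files are created owner-only, since shadow-derived files
# contain password hashes.
merge_map() {
    out=$1; shift
    (
        umask 077
        awk -F: '
            /^[ \t]*(#|$)/ { next }   # skip comments and blank lines
            $1 == "root"   { next }   # root records stay local to each host
            !($1 in seen)  { seen[$1] = $0; order[++n] = $1; next }
            seen[$1] != $0 { printf "conflict: %s (%s)\n", $1, FILENAME > "/dev/stderr" }
            END { for (i = 1; i <= n; i++) print seen[order[i]] }
        ' "$@" > "$out"
    )
}

# Demo with constructed passwd files from two hypothetical hosts.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:0:Super-User:/:/sbin/sh' \
                  'alice:x:1001:10:Alice:/home/alice:/bin/sh' > "$tmp/passwd.hostA"
    printf '%s\n' 'root:x:0:0:Super-User:/:/sbin/sh' \
                  'alice:x:1001:10:Alice:/home/alice:/bin/ksh' \
                  'bob:x:1002:10:Bob:/home/bob:/bin/sh' > "$tmp/passwd.hostB"
    merge_map "$tmp/passwd" "$tmp/passwd.hostA" "$tmp/passwd.hostB"
    cat "$tmp/passwd"
    rm -rf "$tmp"
}

demo
```

Resolve every reported conflict before running ypinit, because only the first record for each name ends up in the map.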
