MFI Technological Institute (MFI-TI)

Technical Training Program

Information Technology

Name: ___________________________________

Linux Network Administration

Lab 0511 – NIS

Objectives:
• Setup a NIS server
• Setup a NIS client
• Test the NIS server and clients operation
• Know how NIS can ease up administration

Illustration:

localdomain

server_yourname
switch

client_yourname

Procedures:

NIS Server Setup

1.Turn your Linux server ON. Login as root at tty1. Work in the command shell
environment.

2.Check if the NIS server (ypserv) package is already installed in your server.
You can use the command ntsysv. Is ypserv in the list of services? (y/n) 
If yes then jump to step 5.

3. Install ypserv.
Command 

4. Go back to tty1 and check again the list of services in the server. Is ypserv in
the list? (y/n) 
If not, reboot the system.
5. Enable ypserv. An asterisk at its left means that it is enabled. Exit
Services(ntsysv).
Disable by unchecking “network manager”, “iptables” and “selinux”
in ntsysv.
Aside from enabling ypserv, check “network” in ntsysv.

6. Establish the domain name. Check your lab setup sheet for your domain
name or ask the instructor.
Command 
#ypdomainname fedora1f3.demo2.local
#vi /etc/sysconfig/network add NISDOMAIN=demo2.local

7. Reconfigure /var/yp/Makefile. Write down your config below, just parts you
changed:

MERGE_PASSWD=false
MERGE_GROUP=false

add “shadow” in

all: passwd shadow group hosts rpc services netid

protocols

8. Add names or IP addresses of allowed clients to the /var/yp/securenets file.

Write it down below:

host 127.0.0.1
255.255.255.0 192.168.152.0
9. Allow the clients from previous step access to the appropriate maps in the
/etc/ypserv.conf file.
Check this:

10. Start the ypserv daemon by executing ...

# ypserv start

11.Start
the NIS password server daemon. Service yppasswdd start
12.Check if the daemons were really started.

A way to do this is through the use of the RPC portmapper (/usr/sbin/portmap).

The portmapper is a remote procedure call (RPC) program that acts as a clearinghouse for
information about the ports that other rpc server programs use. If the ypserv daemon was really
started... we should see indications from the portmapper.

Run ...

# rpcinfo -p localhost

Write down the response of your server below...


Now run...

# rpcinfo - u localhost ypserv

Write down the response of your server below...



What can you now conclude from the shown messages?

NIS is ready and waiting

Ask your teacher to check your answers up to this point.

13. And now to initialize the yp (NIS) server and generate its db or map, run...

# /usr/lib/yp/ypinit -m
then... <ctrl><D>

14.Now the server is ready to provide network information service to the whole
domain.
15. In the meantime, you need to turn off the firewall to make NIS work.

NIS Client Setup

16. Turn your Linux Workstation ON. Login as root at tty1. Work in the
command shell environment.

17. Check if the NIS client (ypbind) package is already installed in your
workstation. You can use the command ntsysv. Is ypbind in the list of
services? (y/n) 
If yes then jump to step 20.

18. Login as root in another tty and install ypbind.

Command 

19. Go back to tty1 and check again the list of services in the workstation. Is
ypbind in the list? (y/n) 
If not, reboot the system.

20. Enable ypbind. An asterisk at its left means that it is enabled. Exit
Services(ntsysv).

21. Run authconfig. Set Authentication Type = NIS > NIS Domain = <check your
lab setup sheet> > NIS Server = request via broadcast > OK. Was the NIS
server found? (y/n) 
If not, consult your instructor.

** If ypbind keeps on failing, check the following:

• Iptables is not running in the NIS server.
• Create /etc/sysconfig/ypbind and add this line
 OTHER_YPBIND_OPTS="-no-dbus"
The same can be achieved if you do the following steps...

a. edit the /etc/yp.conf file using your favorite text editor or with the use of Linuxconf.
b. run the ypbind's startup scripts

# ypbind start

c. Edit the /etc/nsswitch.conf file.

The /etc/yp.conf contains the information necessary for the client-side daemon, ypbind, to
startup and find the NIS server.

The /etc/nsswitch.conf is responsible for telling the system the order in which to search for
information.

22. Now the NIS client is functional.

NIS Testing and Administration

23. Turn your Linux NIS server and client ON.

24. Working as root in the server, create two users. Name them: onad and
lynn... their passwords are the same as their usernames.

25. Now work on the client. Try logging-in using the accounts that you just
created. Can they login? (y/n) 
26. Need to go back to the server. You need to update the NIS map by
running...

# cd /var/yp
# make

27. Now that the NIS map is updated, go back to the client. Login as root. For
the new accounts to be valid you need to add this to the /etc/passwd file...

+:*:::::

Now using another tty, try to login using the accounts you created. Can you
28.
login? (y/n) yes
But do you see any problem after you login? (y/n) yes
What is it ?
No directory /home/onad

Don't worry... this is supposed to be cured by NFS and will be discussed in the
next lesson.

29. Go back to the tty where you login as root in the client. Run the following
NIS tools:

ypcat, ypmatch, ypwhich

ypcat - dumps the contents of the NIS map.

Ex: # ypcat passwd
# ypcat hosts
# ypcat group

ypmatch - rather than pulling an entire map down, only the entry that corresponds to the key
value that you supplied ypmatch will be pulled down.
Ex: # ypmatch onad passwd

ypwhich - returns the name of the NIS server that is answering your requests.
Ex: # ypwhich

Can you think of ways, how can we use the following tools to ease up network
administration?


Learnings: