[NTLUG:Discuss] Redhat Linux9 NIS (yp) Configuration

Kelledin kelledin+NTLUG at skarpsey.dyndns.org
Thu Aug 7 00:11:19 CDT 2003 

On Wednesday 06 August 2003 01:44 am, Eric Sczepanik wrote:
> What files or services does NIS need to work properly?  I have
> searched around different how-tos, but they are all
> uniformative.

NIS servers and NIS clients both need an RPC portmapper daemon 
running.

NIS servers need the ypserv daemon running.

NIS clients need the ypbind daemon (preferably the more recent 
multithreaded ypbind-mt) running.

If you're storing passwords using NIS, NIS servers should have 
the rpc.yppasswdd daemon (included with ypserv) running.  Note, 
storing passwords with bare NIS is generally a VERY BAD IDEA.  
Your password database would become world-readable, so you lose 
the primary benefit of shadowed passwords, whether you export 
your shadow file as a NIS map or not.  NIS+ supports better 
password security, but AFAIK Linux can only function as a NIS+ 
client, not a NIS+ server.  Besides which, NIS+ is a pain to set 
up.  I would advise you use some other service (like Kerberos 
v5) to store passwords with reasonable security.

If you have slave NIS servers, you may want to run the rpc.ypxfrd 
daemon (included with ypserv).  This helps speed up the 
propagation of large NIS maps from master servers to slave 
servers and makes sure slave servers stay in sync with the 
master server.

It's a good idea to install yp-tools on both NIS servers and NIS 
clients.  If nothing else, the tools are good for testing.

> I have done a clean install on my Dell server, and now I need
> to know the files or services that I need to create and/or
> edit to make NIS work properly.
>
> Is there someone who could easily configure it for me?

I've actually done it myself here, so I could offer some help if 
you wanted.  I would do some advance planning on it first if I 
were you--you need to know stuff like how much downtime you 
expect on this Dell server, how many users you need to support, 
what maps you want to push, what sort of mixed environment you 
want to support (Windows?  Solaris?  HP-UX?), etc.  

I would also not use RedHat 9.  It's targeted as a desktop 
distro, and I suppose it does well as that--but it has a lot of 
not-quite-production-ready stuff backported (mainly NPTL) that  
may not hold up to server requirements.  My personal preference 
for pre-rolled server-ready distros is either Debian stable 
(gotta love apt-get) or SuSE (if you must have an RPM-based 
distro).

Also, our fearless leader himself did an excellent NIS tutorial 
several months ago at an NTLUG meeting.  He left his 
presentation slides up here:

http://www.ntlug.org/~ccox/ntlug_nis/index.htm

-- 
Kelledin
"If a server crashes in a server farm and no one pings it, does 
it still cost four figures to fix?"

More information about the Discuss mailing list