[NTLUG:Discuss] Re: Distributing users via NIS -- NIS/yp client/slave notes ...

Bryan J. Smith b.j.smith at ieee.org
Wed Aug 4 13:38:15 CDT 2004 

On Tue, 2004-08-03 at 23:51, Minh Duong wrote:
> I have set up a NIS master and a NIS slave but can't
> seem to get new user that were created on the master
> to distribute to the slave.  I create the new user on
> the master server and then push it to slave.  I can
> ypcat to see the new users on both the master and
> slave but when I try to login as the user on the
> slave, it says that no user exists.  Am I missing
> something simple? Thanks in advance.

Others have pointed out several things.
I'll recap with some added info.

- Client Notes ...

1.  Always make sure RPC/Portmapper (portmap) is running
$ rpcinfo -p

2.  In addition to the NIS/yp services (ypserv, yppasswd), make sure
your NIS master and slave are also NIS clients (ypbind) too.

3.  Linux GLibC 2.x has full support for name services switch
(/etc/nsswitch.conf) configuration.  Solaris and select other unix
flavors do as well.  Be sure that for _any_ NIS map you share has a
"nis" entry on each client for the map (hosts, passwd, group, etc...).

4.  More legacy, most platforms will look to NIS/yp if there is a
"+::::::" entry at the end of the local files (hosts, passwd, group,
etc...).  It can't hurt to add these to those files on any client.

[ SIDE NOTE:  On the master NIS/yp server, if you are sharing the same
files as maps (e.g., /etc/hosts is shared out as NIS), consider putting
a "+::::::" between the local/non-NIS (top) and NIS/yp (bottom) users so
you don't have duplicate entries.  I.e., programs often stop parsing
/etc/passwd as local when they reach the "+::::::" line, unless the
NIS/yp client is down (this is an interesting study on its own). ]

5.  Just because you have NIS setup does _not_ mean the user's home
directory is being shared out.  You do that _separately_, typically with
NFS.  If you cannot login, make sure it's not because the user's home
directory does not exist on the system where you are doing so.

- NIS Slave Notes ...

6.  Be wary that some (older?) NIS/yp implementations are broken when it
comes to slave replication.  I haven't seen this in awhile, but I used
to have issues when setting up a slave the first time, and the maps were
not retrieved.  I had to tar up the master's maps and drop them down on
the slave for the first time.

7.  Don't forget to run a ypxfr cronjobs to synchronize maps regularly.
The HOWTO has some examples of theses.

8.  Anytime you make a chance to a user account, consider cd /var/yp and
doing a "make."  This _should_ update all makes, and push them to slave
servers.


-- 
     Linux Enthusiasts call me anti-Linux.
   Windows Enthusisats call me anti-Microsoft.
 They both must be correct because I have over a
decade of experience with both in mission critical
environments, resulting in a bigotry dedicated to
 mitigating risk and focusing on technologies ...
           not products or vendors
--------------------------------------------------
Bryan J. Smith, E.I.         b.j.smith at ieee.org
-- 
     Linux Enthusiasts call me anti-Linux.
   Windows Enthusisats call me anti-Microsoft.
 They both must be correct because I have over a
decade of experience with both in mission critical
environments, resulting in a bigotry dedicated to
 mitigating risk and focusing on technologies ...
           not products or vendors
--------------------------------------------------
Bryan J. Smith, E.I.         b.j.smith at ieee.org

More information about the Discuss mailing list