NIS网络信息服务
38-1
注:
1)rpc 远程进程调用
2)Ypserv验证用户身份
3)yppasswd 用户更改服务器的口令
NIS、域、工作组的区别:
1).NIS网络信息服务
NIS:MASTER,SLAVE
2).域:
是集中管理的。DC(域的管理者)
--NIS管理类似于域管理。
3).工作组:
是管理分散的的
1.安装NIS服务相关的包
安装ypserver,yppasswdd,默认portmap是安装过的。
[root@myhost ~]# mount /dev/cdrom /mnt/cdrom
[root@myhost ~]# rpm -qa ypserver
[root@myhost ~]# rpm -qa |grep portmap
portmap-4.0-65.2.2.1
[root@myhost ~]# LANG=en_US.UTF-8
--查看portmap 是否正常工作的 (后跟地址可以查看某一服务器的)
[root@myhost ~]# rpcinfo -p
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 789 status
100024 1 tcp 792 status
--查包是否已安装
[root@myhost ~]# rpm -qa |grep ypser
[root@myhost ~]# rpm -qa |grep yppass
[root@myhost ~]# cd /mnt/cdrom/
[root@myhost cdrom]# cd /mnt/cdrom/Server/
[root@myhost Server]# ll ypser*
-r--r--r-- 99 root root 137048 Aug 12 2008 ypserv-2.19-5.el5.i386.rpm
--查看yppass 服务是否存在
[root@myhost Server]# chkconfig --list |grep yppass
-- ypass 包裹在ypserver
[root@myhost Server]# rpm -qlp ypserv-2.19-5.el5.i386.rpm |less|grep yppass*
/etc/rc.d/init.d/yppasswdd
/etc/sysconfig/yppasswdd
/usr/sbin/rpc.yppasswdd
/usr/share/man/man8/rpc.yppasswdd.8.gz
/usr/share/man/man8/yppasswdd.8.gz
[root@myhost Server]# rpm -ivh ypserv-2.19-5.el5.i386.rpm
2.启动服务
[root@myhost Server]# chkconfig
chkconfig version 1.3.30.1 - Copyright (C) 1997-2000 Red Hat, Inc.
This may be freely redistributed under the terms of the GNU Public License.
usage: chkconfig --list [name]
chkconfig --add <name>
chkconfig --del <name>
chkconfig [--level <levels>] <name> <on|off|reset|resetpriorities>
--启动ypserv
[root@myhost Server]# chkconfig ypserv on
--chkconfig --level 35 yppasswdd on 可以设置在某一基本启动
[root@myhost Server]# chkconfig --list |grep ypserv
ypserv 0:off 1:off 2:on 3:on 4:on 5:on 6:off
--启动yppasswd
[root@myhost Server]# chkconfig yppasswdd on
[root@myhost Server]# chkconfig --list |grep yppass
yppasswdd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@myhost Server]#
3.创建本地账号导入到nis server 的资料库
3.1创建本地账号
[root@myhost ~]# useradd user1
[root@myhost ~]# passwd user1
[root@myhost ~]# useradd user2
[root@myhost ~]# passwd user2
[root@myhost ~]# cat /etc/passwd
[root@myhost ~]# cat /etc/shadow
3.2编辑Makefile文件
[root@myhost Server]# cd /var/yp
[root@myhost yp]# vim Makefile
# If we have only one server, we don't have to push the maps to the
# slave servers (NOPUSH=true). If you have slave servers, change this
# to "NOPUSH=false" and put all hostnames of your slave servers in the file
# /var/yp/ypservers.
23 NOPUSH=true
--不使用推,默认不推。master主动拷贝资料给slave服务器时是推的关系。
# MINGID is the lowest gid that will be included in the group maps.
32 MINUID=500
33 MINGID=500
--500及之后的用户导入到nis server资料库
55 # These are the source directories for the NIS files; normally
56 # that is /etc but you may want to move the source for the password
57 # and group files to (for example) /var/yp/ypfiles. The directory
58 # for passwd, group and shadow is defined by YPPWDDIR, the rest is
59 # taken from YPSRCDIR.
60 #
61 YPSRCDIR = /etc
62 YPPWDDIR = /etc
63 YPBINDIR = /usr/lib/yp
64 YPSBINDIR = /usr/sbin
65 YPDIR = /var/yp
66 YPMAPDIR = $(YPDIR)/$(DOMAIN)
117 all: passwd group hosts \
4.定义nis域名
[root@myhost yp]# vim /etc/sysconfig/network
--添加一行
NISDOMAIN=nisexample
[root@myhost yp]#init 6
--重启
5.设置NIS服务器类型
[root@nisexample yp]# /usr/lib/yp/ypinit
usage:
ypinit -m --master server
ypinit -s master --slave server
where -m is used to build the data bases on a master NIS server,
and -s is used for a slave data base. master must be an existing
reachable NIS server.
[root@nisexample ~]# /usr/lib/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS
servers. nisexample is in the list of NIS server hosts. Please continue to add
the names for the other hosts, one per line. When you are done with the
list, type a <control D>.
next host to add: nisexample
next host to add: --添加其他主机,如果没有ctr+d 跳过
The current list of NIS servers looks like this:
nisexample
Is this correct? [y/n: y] y
We need a few minutes to build the databases...
Building /var/yp/nisexample/ypservers...
gethostbyname(): Success
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/nisexample'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
gmake[1]: Leaving directory `/var/yp/nisexample'
nisexample has been set up as a NIS master server.
Now you can run ypinit -s nisexample on all slave server.
[root@nisexample ~]# cd /var/yp/nisexample/
[root@nisexample nisexample]# ll
total 112
-rw------- 1 root root 12450 Oct 5 13:16 group.bygid
-rw------- 1 root root 12456 Oct 5 13:15 group.byname
-rw------- 1 root root 12499 Oct 5 13:16 hosts.byaddr
-rw------- 1 root root 12520 Oct 5 13:16 hosts.byname
-rw------- 1 root root 12637 Oct 5 13:15 passwd.byname
-rw------- 1 root root 12631 Oct 5 13:15 passwd.byuid
-rw------- 1 root root 12358 Oct 5 13:15 ypservers
[root@nisexample nisexample]#