Categorized | NIS

NISplus Installation & Administration

by

NISplus  is network which allows you to store client information at a
central place where all the clients have access. This enables system
administrators to manage a group of servers from a central place.
This article discusses the nisplus objects , installation of servers ,clients and administration commands.

1.0  Introduction to NIS+

1.1  Objects in NIS+

1.2  Standard tables in NIS+

1.3  Groups in NIS+

2.0  Preparing for Install

2.1  Installing Server

3.0  Installing Client

4.0  Administration commands 
___________________________________
 
1.0 Introduction to
NIS+ 

  • NIS +  is network information services 
    which allows you to store client information at a central place
    where all the clients have access.    The information
    can be user passwords , home directories, network services .

    etc .

  • The information is stored in NIS+ tables .
    Some of the standard tables (16 in number) comes with predefined
    structure when NIS+ is installed . The other tables can be created
    as per requirement using NIS+ commands.         
  • NIS+ uses  hierarchical structure and can
    have multiple domains servers  .
  • NIS+ uses the client server model . The
    primary server is called master server and the backup
    server
    is called the replica server . Both server
    runs NIS+ and have copies of tables . The changes in master server 
    are propagated to replica servers in increments.
  • For security it uses both authentication and
    authorization for securing the access to system and resources.
    Authentication verifies validity of a user ; Authorization
    verifies if the user is allowed to  have access to the
    resources. Access to any NIS+ table can be controlled through the
    table permissions.
  • Clients  have a configuration file /etc/nsswitch.com
    ; entries in this file determines where the clients should look
    for the information , in local files or NIS+ maps at the server. 

1.1 Objects in NIS +
There  are three objects in NIS+ 
1. Parent domain -  represented by  domain
name
e.g.  planet.com.: (Parent   domain )

2. org_dir  – which contains all the NIS+  tables .
3. groups_dir – contains the groups information , by default only admin
group is there. 
 
1.2 Standard Tables in NIS+


They contain same type of information  as standard files of the same
name .The passwd table however contains the encrypted password information
also .
passwd           
group                
auto_master     auto_home

Bootparams        cred                  ethers         
hosts

mail_aliases      sendmailvars         
netmasks        netgroup        

networks          protocols            
rpc            
services

timezone          client_info

1.3 Groups in NIS+
By default only admin group is created at the time of installation of NIS+
.
 
2.0 Preparing for Install
First step is to prepare the data files for NIS+ maps .This can be done by
coping the files which needs to be put in the nis+ tables for centralized
administration . The files are located in /etc and mostly have the same name
as NIS+  tables

If you want only passwords , groups , hosts , home directories to be
administered then you need to copy the these files in some other directory – say
nisfiles. You can make additional changes here .

#cp /etc/passwd      /export/home/nisfiles
#cp /etc/group       /export/home/nisfiles
#cp /etc/hosts       /export/home/nisfiles

auto_home can  be created by editing a copy of passwd file and keeping
only the login name and home directory .

A typical auto_home will consists of following entries

#vi auto_home
+auto_home
peter   10.20.30.40:/home/&
john    10.20.30.40:/home/&

First column is user names  followed by  name of the machine
providing home directories & home  directory path.

2.1 Installing Server
a) Define a default  domain  if not defined already in /etc/defaultdomain.
 
    #domainname
    planet.com
    #domainname > /etc/defaultdomain
 
b) As root ; change directory to the /usr/lib/nis or add PATH to this
directory.
    Run server initialization program.
 
    #nisserver -r

To setup server in NIS compatibility mode

#nisserver -r -Y


The above commands will setup the NIS+ server software.

Reboot the server

c) Login as root ; change directory to the one containing the files
auto_home , passwd  and group.
    Run the command to populate the empty nis+ tables.
 
    #cd /export/home/nisfiles
    #nispopulate –v –F
    This will try to populate all the standard tables from
the files in local directory .  you can also 
    specify a particular file name in  for populating
a  single    table e.g.
 
    #nispopulate –v –F  auto_home 
    auto_home is the local file containg the entries in
proper format.
 
3.0 Installing Client
a.) Login as root in client
   Define a default domain  name – planet  here.
b.) Run the client initialsation programme.
   #nisclient –i  -h jupiter -d panet.com
        h     is
for nis+ server host name .
        d     is
for nis+ domain name .
 
     reboot the  client machine.
c.) Login again and open /etc/nsswitch.conf
    check to see that only entries coreesponding to the
populated tables are 
    pointing to nisplus first  and then files. Rest of
them should be  files and nisplus.
 

4.0 Administration Commands

Following are some of the useful command for administering nis+

 

Listing  table & objects  in NIS+

  • #nisls   ;Gives the total objects in NIS+
  • #nisls org_dir  ;Lists the  tables listed in the
    directory.

Listing a contents of tables

  • #niscat passwd.org_dir
Listing table structure
  • #niscat -o passwd.org_dir    ;lists structure of
    password table.

Adding A user

  • #nistbladm -a name=john  uid=123 gid=111  home=/home/john
    shell=/bin/sh   passwd.org_dir
Changing the user information in passwd table (Super user only

Fill in the corresponding values  in <>

  • #nistbladm –a  name=<> passwd=<> uid=<> gid=<>
    home=<> shelll=<> passwd.org_d
example 
  • #nistbladm -a name=john uid=123 gid=234 home=/home/john 
    shell=/bin/sh  passwd.org_di
to change only shell

  • #nistbladm -m shell=/usr/local/bin/bash  [name=john],passwd.org_dir

Changing user passwd
 
  As root
  • # nispasswd  <user_name> ;user has to update his key
    through chkey -p
  As user
  • $ nispasswd   ;update encrypted key
  • $chkey -p   ;(user NIS+ passwd and login passwd are the
    same.)

Adding user credentials
  • #nisaddcred -p 123 -P john local
  • # nisaddcred -p unix.123@planet.com   -P john.planet.com. des

123 is userid and john is the user name.

Adding / removing a user dir entry in  auto_home table :

  • #nistbladm -a key=john value=10.20.30.40:/home/john 
    auto_home.org_dir
  • #nistbladm -r key=john auto_home.org_dir  ;If  key is not
    unique then more fields needs to be defined .

Removing a user

  • #nistbladm -r name=john passwd.org_dir

Modifying the tables  for multiple
entries.

  • #nisaddent -d passwd > /tmp/passwd  ;Dump the
    table to    a file

  • #vi /tmp/passwd ;Edit the dumped file

  • # nisaddent -r -f /tmp/passwd passwd ;Put back
    the dumped file.

nisaddent command  is available only for  some of the 
standard tables, for others either nispopulate or  nistbladm has to 
be used .

Share

Related Posts

  • Veritas Volume Manager – vxdiskadmVeritas Volume Manager – vxdiskadm (0)
    Veritas Volume Manager is used to manage disk storage spread over an array of disks. This article describes the volume manager objects and configuration of these objects using a text menu based ut...
  • Solaris Jumpstart – Howto guideSolaris Jumpstart – Howto guide (0)
    Jumpstart offers a way to install Solaris using network over multiple server with similar of different configurations. Learn how to Setup and configure jumpstart server & clients .
  • Solaris Error Messages O-SSolaris Error Messages O-S (0)
    Description of Solaris/Unix Error messages which starts with letters O thru S and their meaning .
  • Domain Name ServiceDomain Name Service (0)
    The following article describes in simple step the how to setup a DNS server. Though the article focus on Solaris but any operating system which uses BIND the procedure will remain the same.
  • Solaris  Error messages E-KSolaris Error messages E-K (0)
    Description of Solaris/Unix Error messages which starts with letters E F G H and K and their meaning .
  • Solaris Error Messages A-DSolaris Error Messages A-D (0)
    Description of Solaris/Unix Error messages which starts with letters A B C and D and what they actually mean

Leave a Reply