NISplus is network which allows you to store client information at a
central place where all the clients have access. This enables system
administrators to manage a group of servers from a central place.
This article discusses the nisplus objects , installation of servers ,clients and administration commands.
1.1 Objects in NIS+
1.3 Groups in NIS+
4.0 Administration commands
___________________________________
1.0 Introduction to
NIS+
- NIS + is network information services
which allows you to store client information at a central place
where all the clients have access. The information
can be user passwords , home directories, network services .
etc . - The information is stored in NIS+ tables .
Some of the standard tables (16 in number) comes with predefined
structure when NIS+ is installed . The other tables can be created
as per requirement using NIS+ commands. - NIS+ uses hierarchical structure and can
have multiple domains servers . - NIS+ uses the client server model . The
primary server is called master server and the backup
server is called the replica server . Both server
runs NIS+ and have copies of tables . The changes in master server
are propagated to replica servers in increments. - For security it uses both authentication and
authorization for securing the access to system and resources.
Authentication verifies validity of a user ; Authorization
verifies if the user is allowed to have access to the
resources. Access to any NIS+ table can be controlled through the
table permissions. - Clients have a configuration file /etc/nsswitch.com
; entries in this file determines where the clients should look
for the information , in local files or NIS+ maps at the server.
- #nisls ;Gives the total objects in NIS+
- #nisls org_dir ;Lists the tables listed in the
directory. - #niscat passwd.org_dir
- #niscat -o passwd.org_dir ;lists structure of
password table. - #nistbladm -a name=john uid=123 gid=111 home=/home/john
shell=/bin/sh passwd.org_dir - #nistbladm –a name=<> passwd=<> uid=<> gid=<>
home=<> shelll=<> passwd.org_d - #nistbladm -a name=john uid=123 gid=234 home=/home/john
shell=/bin/sh passwd.org_di - #nistbladm -m shell=/usr/local/bin/bash [name=john],passwd.org_dir
- # nispasswd <user_name> ;user has to update his key
through chkey -p - $ nispasswd ;update encrypted key
- $chkey -p ;(user NIS+ passwd and login passwd are the
same.) - #nisaddcred -p 123 -P john local
- # nisaddcred -p unix.123@planet.com -P john.planet.com. des
- #nistbladm -a key=john value=10.20.30.40:/home/john
auto_home.org_dir - #nistbladm -r key=john auto_home.org_dir ;If key is not
unique then more fields needs to be defined . -
#nistbladm -r name=john passwd.org_dir
-
#nisaddent -d passwd > /tmp/passwd ;Dump the
table to a file -
#vi /tmp/passwd ;Edit the dumped file
-
# nisaddent -r -f /tmp/passwd passwd ;Put back
the dumped file.
1.1 Objects in NIS +
There are three objects in NIS+
1. Parent domain - represented by domain
name e.g. planet.com.: (Parent domain )
2. org_dir – which contains all the NIS+ tables .
3. groups_dir – contains the groups information , by default only admin
group is there.
1.2 Standard Tables in NIS+
They contain same type of information as standard files of the same
name .The passwd table however contains the encrypted password information
also .
passwd
group
auto_master auto_home
Bootparams cred ethers
hosts
mail_aliases sendmailvars
netmasks netgroup
networks protocols
rpc
services
timezone client_info
1.3 Groups in NIS+
By default only admin group is created at the time of installation of NIS+
.
2.0 Preparing for Install
First step is to prepare the data files for NIS+ maps .This can be done by
coping the files which needs to be put in the nis+ tables for centralized
administration . The files are located in /etc and mostly have the same name
as NIS+ tables
If you want only passwords , groups , hosts , home directories to be
administered then you need to copy the these files in some other directory – say
nisfiles. You can make additional changes here .
-
#cp /etc/passwd /export/home/nisfiles
#cp /etc/group /export/home/nisfiles
#cp /etc/hosts /export/home/nisfiles
auto_home can be created by editing a copy of passwd file and keeping
only the login name and home directory .
A typical auto_home will consists of following entries
-
#vi auto_home
+auto_home
peter 10.20.30.40:/home/&
john 10.20.30.40:/home/&
First column is user names followed by name of the machine
providing home directories & home directory path.
-
2.1 Installing Server
a) Define a default domain if not defined already in /etc/defaultdomain.
#domainname
planet.com
#domainname > /etc/defaultdomain
b) As root ; change directory to the /usr/lib/nis or add PATH to this
directory.
Run server initialization program.
#nisserver -r
To setup server in NIS compatibility mode
#nisserver -r -Y
The above commands will setup the NIS+ server software.
Reboot the server
-
c) Login as root ; change directory to the one containing the files
auto_home , passwd and group.
Run the command to populate the empty nis+ tables.
#cd /export/home/nisfiles
#nispopulate –v –F
This will try to populate all the standard tables from
the files in local directory . you can also
specify a particular file name in for populating
a single table e.g.
#nispopulate –v –F auto_home
auto_home is the local file containg the entries in
proper format.
3.0 Installing Client
a.) Login as root in client
Define a default domain name – planet here.
b.) Run the client initialsation programme.
#nisclient –i -h jupiter -d panet.com
h is
for nis+ server host name .
d is
for nis+ domain name .
reboot the client machine.
c.) Login again and open /etc/nsswitch.conf
check to see that only entries coreesponding to the
populated tables are
pointing to nisplus first and then files. Rest of
them should be files and nisplus.
Following are some of the useful command for administering nis+
Listing table & objects in NIS+
Listing a contents of tables
-
Listing table structure
Adding A user
-
Changing the user information in passwd table (Super user only
Fill in the corresponding values in <>
-
example
-
to change only shell
-
Changing user passwd
As root
-
As user
-
Adding user credentials
123 is userid and john is the user name.
Adding / removing a user dir entry in auto_home table :
Removing a user
Modifying the tables for multiple
entries.
nisaddent command is available only for some of the
standard tables, for others either nispopulate or nistbladm has to
be used .