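NIS (Network Information Service)
[Figure 38-1]
Notes:
1) rpc: remote procedure call
2) ypserv: verifies user identity
3) yppasswd: lets users change their password on the server
Differences between NIS, a domain, and a workgroup:
1) NIS (Network Information Service):
2) Domain:
Centrally managed, by a DC (the domain's administrator).
-- NIS management is similar to domain management.
3) Workgroup:
Management is decentralized.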
1. Install the NIS-related packages
Installation
[root@myhost ~]# mount /dev/cdrom /mnt/cdrom
[root@myhost ~]# rpm -qa ypserver
[root@myhost ~]# rpm -qa |grep portmap
portmap-4.0-65.2.2.1
[root@myhost ~]# LANG=en_US.UTF-8
-- Check that portmap is working (append an address to query a specific server)
[root@myhost ~]# rpcinfo -p
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 789 status
100024 1 tcp 792 status
-- Check whether the packages are already installed
[root@myhost ~]# rpm -qa |grep ypser
[root@myhost ~]# rpm -qa |grep yppass
[root@myhost ~]# cd /mnt/cdrom/
[root@myhost cdrom]# cd /mnt/cdrom/Server/
[root@myhost Server]# ll ypser*
-r--r--r-- 99 root root 137048 Aug 12 2008 ypserv-2.19-5.el5.i386.rpm
-- Check whether the yppasswdd service exists
[root@myhost Server]# chkconfig --list |grep yppass
-- yppasswdd is included in the ypserv package
/etc/rc.d/init.d/yppasswdd
/etc/sysconfig/yppasswdd
/usr/sbin/rpc.yppasswdd
/usr/share/man/man8/rpc.yppasswdd.8.gz
/usr/share/man/man8/yppasswdd.8.gz
[root@myhost Server]# rpm -ivh ypserv-2.19-5.el5.i386.rpm
2. Enable the services
[root@myhost Server]# chkconfig
chkconfig version 1.3.30.1 - Copyright (C) 1997-2000 Red Hat, Inc.
This may be freely redistributed under the terms of the GNU Public License.
usage: chkconfig --list [name]
chkconfig --add <name>
chkconfig --del <name>
chkconfig [--level <levels>] <name> <on|off|reset|resetpriorities>
-- Enable ypserv
[root@myhost Server]# chkconfig ypserv on
-- chkconfig --level 35 yppasswdd on  can be used to enable it at specific runlevels only
[root@myhost Server]# chkconfig --list |grep ypserv
ypserv 0:off 1:off 2:on 3:on 4:on 5:on 6:off
-- Enable yppasswdd
[root@myhost Server]# chkconfig yppasswdd on
[root@myhost Server]# chkconfig --list |grep yppass
yppasswdd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@myhost Server]#
3. Create local accounts and import them into the NIS server's database
3.1 Create local accounts
[root@myhost ~]# useradd user1
[root@myhost ~]# passwd user1
[root@myhost ~]# useradd user2
[root@myhost ~]# passwd user2
[root@myhost ~]# cat /etc/passwd
[root@myhost ~]# cat /etc/shadow
3.2 Edit the Makefile
[root@myhost Server]# cd /var/yp
[root@myhost yp]# vim Makefile
# If we have only one server, we don't have to push the maps to the
# slave servers (NOPUSH=true). If you have slave servers, change this
# to "NOPUSH=false" and put all hostnames of your slave servers in the file
# /var/yp/ypservers.
NOPUSH=true
--
# MINGID is the lowest gid that will be included in the group maps.
MINUID=500
MINGID=500
-- Users with a UID of 500 and above are imported into the NIS server's database
# These are the source directories for the NIS files; normally
# that is /etc but you may want to move the source for the password
# and group files to (for example) /var/yp/ypfiles. The directory
# for passwd, group and shadow is defined by YPPWDDIR, the rest is
# taken from YPSRCDIR.
#
YPSRCDIR = /etc
YPPWDDIR = /etc
YPBINDIR = /usr/lib/yp
YPSBINDIR = /usr/sbin
YPDIR = /var/yp
YPMAPDIR = $(YPDIR)/$(DOMAIN)
all: passwd group hosts \
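To see what the MINUID/MINGID cut-off lets through before running make, the following added example (not code from the original article or from the ypserv Makefile) applies the same "id at or above the minimum" rule to a passwd- or group-format file. The function name and the sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the ypserv Makefile's own code: apply the MINUID/MINGID
# cut-off to a passwd- or group-format file and list what would be published.

# nis_export_preview MIN FILE -> prints "name id" per entry at or above MIN.
# Field 3 holds the numeric id in both passwd and group files.
nis_export_preview() {
    awk -F: -v min="$1" '
        /^[-+#]/ || $1 == "" { next }   # comments, "+"/"-" compat lines, empty names
        $3 !~ /^[0-9]+$/     { next }   # malformed id: skip rather than guess
        $3 + 0 >= min + 0    { print $1, $3 }
    ' "$2"
}

# Constructed sample in /etc/passwd format.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
ntp:x:38:38::/etc/ntp:/sbin/nologin
user1:x:500:500::/home/user1:/bin/bash
tom:x:503:503::/home/tom:/bin/bash
broken:x:abc:503::/home/broken:/bin/bash
+::::::
EOF
}

tmp=$(mktemp) && sample_passwd > "$tmp"
echo "published with MINUID=500:"; nis_export_preview 500 "$tmp"
# Lowering the minimum pulls root and service accounts into the shared map.
echo "published with MINUID=0:";   nis_export_preview 0 "$tmp"
rm -f "$tmp"
```

Run it against /etc/passwd with the Makefile's MINUID and against /etc/group with MINGID to review the list before each make.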
4. Define the NIS domain name
[root@myhost yp]# vim /etc/sysconfig/network
-- Add one line
NISDOMAIN=nisexample
[root@myhost yp]# init 6
-- Reboot
5. Set the NIS server type
[root@nisexample yp]# /usr/lib/yp/ypinit
usage:
ypinit -m --master server
ypinit -s master --slave server
where -m is used to build the data bases on a master NIS server,
and -s is used for a slave data base. master must be an existing
[root@nisexample ~]# /usr/lib/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS
servers. nisexample is in the list of NIS server hosts. Please continue to add
the names for the other hosts, one per line. When you are done with the
list, type a <control D>.
next host to add: nisexample
next host to add: -- add any other hosts here; if there are none, press Ctrl-D to skip
The current list of NIS servers looks like this:
nisexample
Is this correct? [y/n: y] y
We need a few minutes to build the databases...
Building /var/yp/nisexample/ypservers...
gethostbyname(): Success
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/nisexample'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
gmake[1]: Leaving directory `/var/yp/nisexample'
nisexample has been set up as a NIS master server.
Now you can run ypinit -s nisexample on all slave server.
[root@nisexample ~]# cd /var/yp/nisexample/
[root@nisexample nisexample]# ll
total 112
-rw------- 1 root root 12450 Oct 5 13:16 group.bygid
-rw------- 1 root root 12456 Oct 5 13:15 group.byname
-rw------- 1 root root 12499 Oct 5 13:16 hosts.byaddr
-rw------- 1 root root 12520 Oct 5 13:16 hosts.byname
-rw------- 1 root root 12637 Oct 5 13:15 passwd.byname
-rw------- 1 root root 12631 Oct 5 13:15 passwd.byuid
-rw------- 1 root root 12358 Oct 5 13:15 ypservers
[root@nisexample nisexample]#
6. Configure the client
First, the client has to join the NIS domain.
6.1 Check ypbind
ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@nis-client ~]# authconfig-tui
6.2 Join the client machine to the domain
# authconfig-tui
1) Select
[*] Use NIS
[Figure 38-2]
server 192.168.100.70
[Figure 38-3]
Stopping portmap: [ OK ]
Starting portmap: [ OK ]
Binding to the NIS domain: [ OK ]
Listening for an NIS domain server.
7. Create a user on the server and import it into the database so that the user can log in on the client
[root@nis-server yp]# useradd tom
[root@nis-server yp]# passwd tom
[root@nis-server yp]# tail /etc/passwd
tom:x:503:503::/home/tom:/bin/bash
[root@nis-server yp]# pwd
/var/yp
[root@nis-server yp]#
[root@nis-server yp]# make    # rebuild the database
gmake[1]: Entering directory `/var/yp/nisexample'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
gmake[1]: Leaving directory `/var/yp/nisexample'
[root@nis-server yp]#
[root@nis-server yp]#
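The user can now authenticate and log in, but the home directory cannot be found, so the login shows the prompt: -bash-3.2$
8. Fix the home directory problem for users logging in on the client
8.1 On the server
Mount the server's /home directory on the client; users who log in there can then find their home directories.
Edit the export list: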
[root@nis-server yp]# vim /etc/exports
/home 192.168.100.0/255.255.255.0(rw,sync)    # read-write for that subnet, kept in sync
~
Start the NFS service:
[root@nis-server yp]# service nfs start
Starting NFS services: [ OK ]
Starting NFS quotas: [ OK ]
Starting NFS daemon:
Starting NFS mountd: [ OK ]
[root@nis-server yp]# exportfs -rv
Export the share list:
[root@nis-server yp]# exportfs -rv
exporting 192.168.100.0/255.255.255.0:/home
[root@nis-server yp]#
8.2 Client configuration
Mount the server's /home on the client:
[root@nis-client ~]#
[root@nis-client ~]# mount 192.168.100.70:/home /home
[root@nis-client ~]# mount
192.168.100.70:/home on /home type nfs (rw,addr=192.168.100.70)
[root@nis-client ~]# ll /home
total 24
drwx------ 3 jim jim 4096 Oct 5 14:04 jim
drwx------ 3 tom tom 4096 Oct 5 13:45 tom
drwx------ 3 user user 4096 Sep 16 00:16 user
drwx------ 3 user1 user1 4096 Oct 5 11:38 user1
drwx------ 3 user2 user2 4096 Oct 5 11:38 user2
[root@nis-client ~]#
The user now logs in normally on the client:
[tom@nis-client ~]$
Reducing the load on the server
Create a new home directory tree for the NIS users:
[root@nis-server yp]# mkdir /nishome
[root@nis-server yp]# useradd -d /nishome/user9 user9
[root@nis-server yp]# useradd -d /nishome/user10 user10
[root@nis-server yp]# passwd user9
[root@nis-server yp]# passwd user10
[root@nis-server yp]# make
gmake[1]: Entering directory `/var/yp/nisexample'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
gmake[1]: Leaving directory `/var/yp/nisexample'
[root@nis-server yp]#
[root@nis-server yp]# vim /etc/exports
/nishome 192.168.100.0/255.255.255.0(rw,sync)
[root@nis-server yp]# exportfs -rv
exporting 192.168.100.0/255.255.255.0:/nishome
[root@nis-server yp]#
[root@nis-server yp]# service nfs restart
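Both export lines above grant read-write access to the whole 192.168.100.0 subnet. As an added example (not part of the original article), this script lists /etc/exports entries worth a second look before exportfs -rv publishes them. The three finding labels are this example's own heuristics, and the hosts buildhost and backup1 are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): review an exports file.

# audit_exports FILE -> prints "PATH CLIENT FINDING", one line per finding.
audit_exports() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }               # comments and blank lines
        {
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ""
                p = index($i, "(")
                if (p > 0) {                          # split "client(opt,opt)"
                    client = substr($i, 1, p - 1)
                    opts = substr($i, p + 1)
                    sub(/\)$/, "", opts)
                }
                if (client == "") client = "*"        # bare "(opts)" = any host
                o = "," opts ","
                many = (client ~ /\// || client ~ /[*?]/)   # network or wildcard
                if (o ~ /,rw,/ && many)     print $1, client, "rw-for-many-hosts"
                if (o ~ /,no_root_squash,/) print $1, client, "root-not-squashed"
                if (o ~ /,insecure,/)       print $1, client, "unprivileged-ports-ok"
            }
        }
    ' "$1"
}

# Constructed sample: the two export lines from this walkthrough plus three
# made-up entries.
sample_exports() {
    cat <<'EOF'
/home      192.168.100.0/255.255.255.0(rw,sync)
/nishome   192.168.100.0/255.255.255.0(rw,sync)
/srv/build buildhost(rw,sync,no_root_squash)
/srv/dump  backup1(ro,sync)
/pub       *(ro,sync)
EOF
}

tmp=$(mktemp) && sample_exports > "$tmp"
audit_exports "$tmp"
rm -f "$tmp"
```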
[root@nis-client etc]# ll -d /nishome
drwxr-xr-x 2 root root 0 Oct 5 14:44 /nishome
[root@nis-client etc]# chmod o+wt /nishome/
[root@nis-client etc]# ll -d /nishome
drwxr-xrwt 2 root root 0 Oct 5 14:44 /nishome
[root@nis-client ~]# vim /etc/auto.m
auto.master auto.misc
[root@nis-client ~]# vim /etc/auto.master
/nishome /etc/auto.nis --timeout=60
-- Add the map file to be monitored for this mount point, with a timeout of 60 seconds
[root@nis-client ~]# cd /etc/
[root@nis-client etc]# cp auto.misc auto.nis
[root@nis-client etc]# vim auto.nis
user9 -rw,soft,intr 192.168.100.70:/nishome/user9
user10 -rw,soft,intr 192.168.100.70:/nishome/user10
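When someone enters user9: read-write (rw), errors are allowed to be reported (soft), interrupts are allowed (intr); the server's user9 directory is mounted on the local user9.
Users can now log in on the client.
No accounts need to be configured on the client machine;
configuring the accounts on the server is enough.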
[root@nis-client etc]# showmount -e 192.168.100.70
Export list for 192.168.100.70:
/home 192.168.100.0/255.255.255.0
[root@nis-client etc]# service autofs restart
Stopping automount: [ OK ]
Starting automount: [ OK ]
[root@nis-client etc]#
[root@nis-client etc]# mount 192.168.100.70:/nishome /nishome
[root@nis-client etc]#
[user9@nis-client ~]$
[root@nis-server yp]# passwd user11
Changing password for user user11.
New UNIX password:
BAD PASSWORD: it is WAY too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@nis-server yp]#
[root@nis-server yp]#
[root@nis-server yp]# make
gmake[1]: Entering directory `/var/yp/nisexample'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
gmake[1]: Leaving directory `/var/yp/nisexample'
[root@nis-server yp]#
[root@nis-client etc]# vim /etc/auto.nis
* -rw,soft,intr 192.168.100.70:/nishome/&
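When there are many users, a single line is enough.
* stands for whichever user is logging in on the client.
-- & is replaced by whatever * matched.
& means that this user's directory on the server is mounted automatically.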
[root@nis-client etc]# service autofs restart
Stopping automount: [ OK ]
Starting automount: [ OK ]
[root@nis-client etc]#
[root@nis-client etc]#
[user11@nis-client ~]$
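How the * and & entry in auto.nis resolves for a given key, as an added example that is not part of the original article: an explicit key wins, otherwise the * entry is consulted and every & is replaced by the key, as autofs(5) describes for wildcard keys. The function name, the plain-name key filter and the ro entry for user9 are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page): resolve a key against an
# indirect autofs map such as /etc/auto.nis.

# resolve_automount KEY MAPFILE -> prints "OPTIONS LOCATION"
# Status: 0 = resolved, 1 = no matching entry, 2 = key refused.
resolve_automount() {
    key=$1 map=$2
    # This example's own rule: accept plain names only, so a looked-up key
    # can never carry "/", "..", "&" or shell metacharacters into the path.
    case $key in
        ''|.|..|*[!A-Za-z0-9._-]*) return 2 ;;
    esac
    awk -v key="$key" '
        /^[ \t]*#/ || NF < 2 { next }            # comments, blank or short lines
        {   # a second field starting with "-" is the mount option list
            if ($2 ~ /^-/) { opts = substr($2, 2); loc = $3 } else { opts = "-"; loc = $2 }
        }
        $1 == key && hit == ""  { hit  = opts " " loc }
        $1 == "*" && wild == "" { wild = opts " " loc }
        END {
            if (hit == "") hit = wild            # "*" only when no exact key
            if (hit == "") exit 1
            gsub(/&/, key, hit)                  # "&" stands for the key
            print hit
        }
    ' "$map"
}

# Constructed sample map: one explicit entry (made read-only here so the
# difference is visible) plus the wildcard line from the walkthrough.
sample_auto_nis() {
    cat <<'EOF'
# key    options          location
user9    -ro,soft,intr    192.168.100.70:/nishome/user9
*        -rw,soft,intr    192.168.100.70:/nishome/&
EOF
}

tmp=$(mktemp) && sample_auto_nis > "$tmp"
for k in user9 user11 ../etc; do
    printf '%-8s => %s\n' "$k" "$(resolve_automount "$k" "$tmp" || echo '(refused or no entry)')"
done
rm -f "$tmp"
```

With the wildcard in place, any directory name looked up under /nishome triggers a mount attempt against the server, not only the names of existing NIS users.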