Chapter 41. Using NIS

SUSE LINUX Documentation Part IX. Services / Chapter 41. Using NIS
	40.9. For More Information		41.2. Configuring NIS Clients

Table of Contents

41.1. Configuring NIS Servers Using YaST
41.2. Configuring NIS Clients

Abstract

As soon as multiple UNIX systems in a network want to access common resources, it becomes important that all user and group identities are the same for all machines in that network. The network should be transparent to users: whatever machines they use, they always find themselves in exactly the same environment. This is made possible by means of NIS and NFS services. NFS distributes file systems over a network and is discussed in Chapter 42, Sharing File Systems with NFS.

NIS (Network Information Service) can be described as a database-like service that provides access to the contents of /etc/passwd, /etc/shadow, and /etc/group across networks. NIS can also be used for other purposes (making the contents of files like /etc/hosts or /etc/services available, for example), but this is beyond the scope of this introduction. People often refer to NIS as YP, because it works like the network's “yellow pages.”

41.1. Configuring NIS Servers Using YaST

For configuration, select ‘Network Services’+‘NIS Server’ from the YaST control center. If there is no NIS server yet in your network, activate ‘Install and set up a NIS Master Server’ in the next screen. YaST immediately installs the required packages.

If you have already installed NIS software, click ‘Create NIS Master Server’. If you already have an NIS server (a master), you can add a NIS slave server (for example, if you want to configure a new subnetwork). First, the configuration of the master server is described. Clicking ‘Do nothing and leave setup’ takes you back to the YaST Control Center with no saved changes.

Figure 41.1. NIS Server Setup

After all packages have been installed, enter the NIS domain name at the top of the configuration dialog, which is shown in Figure 41.2, “Master Server Setup”. With the check box, define whether the host should also be a NIS client, enabling users to log in and access data from the NIS server. Check the boxes to apply, including the ‘Changing of paswords’ option. Further options can be set by clicking ‘Other global settings’. Here, access a screen in which you can change the source directory, merge passwords, and set minimum user and group IDs. Click ‘OK’ to return to the main dialog. Click ‘Next’ to continue with configuration.

Figure 41.2. Master Server Setup

In the next screen, specify which maps should be made available. Clicking ‘Next’ takes you to the following screen in which you determine which hosts are allowed to query the NIS server. You can add, delete, and edit hosts. Click ‘Finish’ to save changes and exit the configuration dialog.

Figure 41.3. NIS Server Maps Setup

To configure additional NIS slave servers in your network, activate ‘Install and set up a NIS Slave Server’ now. If NIS software has already been installed, click ‘Create NIS Slave Server’ and click ‘Next’ to continue. In the next screen, enter the NIS domain name and check the boxes that apply.

To allow users in your network (both local users and those managed through the NIS server) to change their passwords on the NIS server (with the command yppasswd), activate the corresponding option. This makes the options ‘Allow Changes to GECOS Field’ and ‘Allow Changes to Login Shell’ available. “GECOS” means that the users can also change their names and address settings with the command ypchfn. “SHELL” allows users to change their default shell with the command ypchsh, for example, to switch from bash to sh.

Further options can be set by clicking ‘Other global settings’. Here, access a screen, shown in Figure 41.4, “Changing the Directory and Synchronizing Files for a NIS Server”, in which to change the source directory of the NIS server (/etc by default). In addition, passwords and groups can be merged here. The setting should be ‘Yes’ so the files (/etc/passwd, /etc/shadow, and /etc/group) can be synchronized. Also determine the smallest user and group ID. Click ‘OK’ to confirm your settings and return to the previous screen.

After your settings have been made, advance to the next screen by clicking ‘Next’. In the next dialog, check which maps should be available then click ‘Next’ to continue. In the final screen, enter which hosts are allowed to query the NIS server. You can add, edit, or delete hosts by clicking the appropriate buttons. Click ‘Finish’ to save changes and exit setup. Then click ‘Next’.

Figure 41.4. Changing the Directory and Synchronizing Files for a NIS Server

If you previously enabled ‘Active Slave NIS Server Exists’, enter the hostnames used as slaves and click ‘Next’. If you do not use slave servers, the slave configuration is skipped and you continue directly to the dialog for the database configuration. Here, specify the maps, the partial databases to transfer from the NIS server to the client. The default settings are usually adequate.

‘Next’ continues to the last dialog, shown in Figure 41.5, “Setting Request Permissions for a NIS Server”. Specify from which networks requests can be sent to the NIS server. Normally, this is your internal network. In this case, there should be the following two entries:

255.0.0.0     127.0.0.0
0.0.0.0       0.0.0.0

The first entry enables connections from your own host, which is the NIS server. The second one allows all hosts with access to the same network to send requests to the server.

Figure 41.5. Setting Request Permissions for a NIS Server

	Automatic Firewall Configuration
If a firewall is active on your system (SuSEfirewall2), YaST adapts its configuration for the NIS server by enabling the `portmap` service when ‘Open Ports in Firewall’ is selected.