NIS : Configure Server2019/10/17 |
Configure NIS (Network Information Service) Server to provide network information like user accounts or hosts.
|
|
[1] | Install Ypserv and Configure NIS Server. |
[root@dlp ~]#
dnf -y install ypserv rpcbind # set NIS domain [root@dlp ~]# ypdomainname srv.world [root@dlp ~]# echo "NISDOMAIN=srv.world" >> /etc/sysconfig/network
[root@dlp ~]#
vi /var/yp/securenets # create new # specify range of network you allow to access NIS clients 255.0.0.0 127.0.0.0 255.255.255.0 10.0.0.0
[root@dlp ~]#
vi /etc/hosts # add hosts that are in NIS domain (server/client) # 10.0.0.30 dlp.srv.world dlp 10.0.0.51 node01.srv.world node01 .....
[root@dlp ~]#
systemctl enable --now rpcbind ypserv ypxfrd yppasswdd nis-domainname
# update NIS databases [root@dlp ~]# /usr/lib64/yp/ypinit -m At this point, we have to construct a list of the hosts which will run NIS servers. dlp.srv.world is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a <control D>. next host to add: dlp.srv.world next host to add: # Ctrl + D key The current list of NIS servers looks like this: dlp.srv.world Is this correct? [y/n: y] y We need a few minutes to build the databases... Building /var/yp/srv.world/ypservers... Running /var/yp/Makefile... gmake[1]: Entering directory '/var/yp/srv.world' Updating passwd.byname... Updating passwd.byuid... Updating group.byname... Updating group.bygid... Updating hosts.byname... Updating hosts.byaddr... Updating rpc.byname... Updating rpc.bynumber... Updating services.byname... Updating services.byservicename... Updating netid.byname... Updating protocols.bynumber... Updating protocols.byname... Updating mail.aliases... gmake[1]: Leaving directory '/var/yp/srv.world' dlp.srv.world has been set up as a NIS master server. Now you can run ypinit -s dlp.srv.world on all slave server. |
[2] | If you add local user or local group, new hosts in [/etc/hosts] on NIS Server, then Apply changes to NIS databases like follows. |
[root@dlp ~]# cd /var/yp [root@dlp yp]# |
[3] | If SELinux is enabled, change boolean settings. |
[root@dlp ~]# setsebool -P nis_enabled on [root@dlp ~]# setsebool -P domain_can_mmap_files on
|
[4] | If Firewalld is running, it needs to allow NIS services or ports. Some services listen different ports when they restart, so fix ports for them and allow by Firewalld. |
[root@dlp ~]#
vi /etc/sysconfig/network # add to the end YPSERV_ARGS="-p 944" YPXFRD_ARGS="-p 945"
[root@dlp ~]#
vi /etc/sysconfig/yppasswdd # add like follows YPPASSWDD_ARGS= "--port 950"
[root@dlp ~]#
[root@dlp ~]# systemctl restart rpcbind ypserv ypxfrd yppasswdd
firewall-cmd --add-service=rpc-bind --permanent [root@dlp ~]# firewall-cmd --add-port={944-951/tcp,944-951/udp} --permanent [root@dlp ~]# firewall-cmd --reload |
Sponsored Link |
|