AIX 5L Configuring TCP/IP (Unit 15) – Configure and Use NIS

Unit Objectives
———————–
Configure NIS master server, NIS slave server, and NIS client
Updating existing NIS data maps
Add a new slave server
Use NIS commands

Prerequisite Conditions to Configuring NIS
————————————————————–
All NIS systems must meet these conditions before configuring NIS:
– TCP/IP must be running
– portmap daemon must be running
– NFS must be installed

NIS Configuration Scenario
—————————————–
Bigbucks Accounting Firm

Master Server, client sys1 – domainname = accounting (/var/yp/accounting)
Slave Server, client sys2 – domainname = accounting (/var/yp/accounting)
Client sys3 – domainname = accounting

NIS Domain Name – Master Server
—————————————————
# smit chypdom (now, at restart or both)
Change NIS Domain Name of this Host

domainname (displays current domain name)
domainname accounting (establish accounting as the domain name at the kernel)

Editing NIS Master Server /etc/passwd File
—————————————————————
# vi /etc/passwd
root….
team01…
team02…
….

Editing NIS Master Server /etc/hosts File
————————————————————-
# vi /etc/ hosts
127.0.0.1 localhost loopback
9.19.98.1 sys1
9.19.98.2 sys2
….

Host Name Resolution Hierarchy
————————————————
Start
Is NIS running? – No (/etc/hosts)
Yes – Check NIS server for resolution – Not found (failed)
Found – Resolved

Configuring NIS Master Server
————————————————
# smit mkmaster
Configure this Host as a NIS Master Server
Hosts that will be slave servers:
……

Note: Executing this command runs the ypinit command to create the map files.

Contents of the NIS Domain Directory
——————————————————-
NIS Master Server (sys1)
# ls -l /var/yp/accounting (sampling of map files)
hosts.byname.dir
hosts.byname.pag
hosts.byaddr.dir
hosts.byaddr.pag
passwd.byname.dir
passwd.byname.pag
passwd.byuid.dir
passwd.byuid.pag
ypservers.dir
ypservers.pag

Activating an NIS Master
————————————
1. cfgmgr – ODM /etc/objrepos/Config_Rules /etc/rc.net
2. run-time init – /etc/inittab
– rctpcip./etc/rc.tcpip – portmap
– rcnfs:/etc/rc.nfs – /etc/rc.nfs (includes NIS)
sets the domainname, starts the ypserv, ypbind and yppasswdd daemons

Editing Local Files – Slave Server
————————————————
Edit /etc/passwd to include only:
– Local user names
– Escape sequence +::0:0::: (goto the ypbind daemon to get NIS server information)
Edit /etc/hosts to include only:
– Loopback entry
– Entry for this host

NIS Domain Name – Slave Server
————————————————-
# smit chypdom
Change NIS Domain Name of this Host
Domain name of this host: accounting
execute

Configuring NIS – Slave Server
——————————————–
# smit mkslave
Configure this Host as a NIS Slave Server
Hostname of the master server: sys1
execute

Editing Local Files – Client
————————————————
Edit /etc/passwd to include only:
– Local user names
Edit /etc/hosts to include only:
– Loopback entry
– Entry for this host

NIS Domain Name – Client
—————————————-
# smit chypdom
Change NIS Domain Nmae of this Host
Domain name of this host: accounting
execute

Configuring NIS Client
———————————
# smit mkclient
Configure this Host as a NIS Client
excute
Note: This runs the ypset commands if you provide a specific NIS Server to bind to.

Configured NIS Network
———————————–
NIS Master Server, client
Domain: accounting
/var/yp/accounting (accounting NIS Database Maps)
ypbind, ypserv, yppasswdd

NIS Slave Server, client
Domain: accounting
/var/yp/accounting (Replicated accounting NIS Database Maps)
ypbind, ypserv

NIS Client
Domain: accounting
ypbind

Invoking an NIS Login
———————————
NIS Client – sys3 /etc/passwd (+::0:0::: –> Goto NIS Server – sys2
NIS Server – sys2 /var/yp/accounting/passwd.byname.pag (sys3:/home/team01/.profile)
Login:team01

Updating NIS Passwords with yppasswdd
————————————————————–
NIS Client – sys2
$ yppasswd
Changing NIS password for team01 on sys1
Old NIS password:
New password:
Retype new password:
NIS password changed on sys1

NIS Master Server – sys1
yppasswdd
/etc/security/passwd
rebuild passwd map
yppush – broadcasts to all slaves that new data is available

Slave Server issue a ypxfr command to update the slave servers

Updating NIS Maps
——————————
# smit mkmaps
Build/Rebuild NIS Maps for this Master Server
Maps that are to be built: ????

Note: Map files are based on the regular configuration files. You update the regular configuration files and then rebuild the NIS Maps.

Adding a New Slave Server
—————————————-
Simply create a source file

# cd /var/yp
# (makedbm -u accounting/ypservers ; echo sys4) | makedbm – tmpservers
Note: Takes a copy of the data map and creates a flat file for it.
# makedbm -u tmpservers
YP_LAST_MODIFIED 0770049835
YP_MASTER_NAME sys1
sys1 sys2
sys4

# mv tmpservers.pag accounting/ypservers.pag
# mv tmpservers.dir accounting/ypservers.dir

Note: Use SMIT to configure sys4 as a slave server.

Downlevel Slave Server Maps
——————————————-
NIS Master Server
update map
make
rebuild map
yppush

Slave1 – ypxfr (Updated Map)
Slave2 – ypxfr (Updated Map)
Slave3 – down (Earlier Version)

Cron jobs running ypxfr can keep slaves maps current.

Isolating Name Resolution Problems with NIS
——————————————————————-
Check if ypserv is running.
Should it be? Yes –> Start upserv if it isn’t running, Check database
No –> Stop it
Is ypbind running? No –> Start it
Check to which host it is bound

Review of NIS Commands
—————————————
NIS Commands that can be executed when NIS is running:
domainname – sets the domain name in the kernel
makedbm – generate a data map from flat files or visa versa
ypcat – send contents of the data map to standard output
ypinit – creates all of the maps files initially
ypmatch – access key information out of the database
yppasswdd – remotely update passwords from the client

yppoll – used by slave server to query the master
yppush – notifies the slave servers of a change
pyset – set the server that you are binding to, can be remote server
ypwhich – which server that you are currently bound to
ypxfr – pull information from the master

Remove NIS Client Configuration
————————————————
# smit rmypclient
Remove NIS Server Configuration from this Host
execute

Remove NIS Server Configuration
————————————————
# smit rmypserv
Remove NIS Server Configuration from this Host
execute

Unit Summary
———————
The steps to configure a master and slave server as well as client are very simliar. They are:
– Update as needed the ASCII input files, for example, /etc/passwd, etc/hosts
– Set the domain name
– Initialize NIS
Updating existing data maps uses the make utility to recreate the target maps using updated source ASCII files as input
Adding a new slave server uses the makedbm command
Controlling the NIS environment using commands

Exercise 13 – Configure and Use NIS
——————————————————–
Client sys2
Backup passwd and hosts files on both client and server sides
cp /etc/passwd /etc/passwd.bak
cp /etc/hosts /etc/hosts.bak

Server sys3
cat /etc/hosts (Make sure it is complete, the NIS Map files will be created from it)

Create new users
mitty mkuser
User NAME: master
Primary Group: system
Group Set: system
execute
User Name: client
Primary Group: system
Group Set: system
execute

Set passwords for the new users
passwd master
master
passwd client
client

ping sys2 (verify access from server to client)
ftp sys2
ls /home (no /home/master or /home/client directories on the client)

Create home directories and copy .profile for users
mkdir /home/master
put /home/master/.profile
mkdir /home/client
put /home/client/.profile

Client sys2
ls /home (verify that the directories and .profile files exist

Server sys3
Remove client home directory on server
rm -r /home/client
cd /home
ls
cat /etc/passwd (validate file, must have all client passwords on clients)

smitty nfs
Network Information Service (NIS)
Change NIS Domain Name of this Host
Domain name of this host: bigone
execute
Configure/Modify NIS
Configure this Host as a NIS Master Server
Hosts that will be slave server: sys4
execute (Starts the daemons and creates the Map files)

lssrc -g yp (validate daemons are up and running)

Check for Map files
ls -al /var/yp (check for bigone directory)
ls -al /var/yp/bigone | more (losts of map file exist)

ypcat -k passwd (display contents of the passwd map files)
more /etc/rc.nfs (script that starts the NIS daemons on startup)
/usr/bin/domainname bigone (establishes the domain name)
start ypserv…
start ypbind…

Login as master
su – master
su – master
master’s Password:
You are required to change you password. (Don’t want user to have to do this.)
exit

su – client
client’s Passwd
You are required to change you password. (Don’t want user to have to do this.)
exit

yppasswd master
Old NIS password:
master’s new password:
exit

vi /etc/hosts (validate it is complete)
9.19.99.8 sys8 (add a line)
save

Regenerate the Map file
smitty nfs
Network Information Service (NIS
Manage NIS Maps
Build/Rebuild Maps for this Master Server
MAPs that are to be built: hosts

Client sys2
cd /home
ls -l (verify the client and master home directories, however, they are owned by root)
cat /etc/passwd (client and master are not defined yet)

ping sys3 (check connectivity to the server)
vi /etc/hosts
127.0.0.1 loopback localhost
9.19.90.2 sys2
Remove everything but above two line, must be able to talk to ourselves)
Save

verify that we are not using the NIS name server
cat /etc/resolv.conf

setup as NIS client
smitty nfs
Network Information Service (NIS)
Change NIS Domain Name
Domain name: bigone
execute
Configure/Modify NIS
Configure this host as an NIS client
Start the NIS client: both
execute

ypwhich (What server are we bound to? sys3)

cd /home
ls -l | grep client (owned by root, must be changed to client)
chown client client
ls -l | grep client (now owned by client)

ls -l | grep master (owned by root, must be changed to master)
chown master master
ls -l | grep master (now owned by master)

Login as client
su – team2
su – client
client’s password
pwd
/home/client

Client sys98r
telnet sys2
login: client
client’s Password
pwd
/home/client
exit

Client sys2
Check out name resolution
host sys4
cat /etc/hosts (no sys4 here, it went to the NIS server to get resolution)
host 9.19.99.4

Setup NIS slave server
Slave Server sys6
ping sys3 (check connectivity)
vi /etc/passwd
+::0:0::: (must add token to end of file, it was automatically added to the client)
save

vi /etc/hosts
127.0.0.1 loopback localhost
9.19.90.6 sys6
Remove everything but above two line, must be able to talk to ourselves)
Save

smitty
Network Information Service (NIS)
Change NIS Domain Name of this Host
Domain name of host: bigone
execute
Configure/Modify NIS
Configure this Host as NIS Slave Server
Hostname of the master server: sys3
execute (Transfers the map file from the master server to the slave server, starts daemons)
exit

lssrc -g yp (verify daemons running)
ls -al /var/yp/bigone (check for map files)
ypcat -k passwd
cat /etc/passwd (compare passwd files)

Server sys3
stopsrc -g yp (master server no longer acting as an NIS server)
ypwhich (sys3 is not running ypbind)
startsrc -s ypbind
ypwhich (who are we bond to)
9.19.98.6 (slave server)
host 9.19.99.1 (check name resolution)
host sys4
su – team2
su – client
Client’s password
su – master
master’s password
pwd
/home/master

Leave a Reply

Your email address will not be published. Required fields are marked *

*