Difference between revisions of "Cluster der kan alt/LDAP eller NIS"
From Teknologisk videncenter
| Line 8: | Line 8: | ||
;Clients:Use the shared files - for example for single sign on. Users added on the master server | ;Clients:Use the shared files - for example for single sign on. Users added on the master server | ||
=Installation of the master server= | =Installation of the master server= | ||
| − | Add the following line to '''/etc/hosts.allow'''. | + | Add the following line to '''/etc/hosts.allow'''. |
<source lang=cli> | <source lang=cli> | ||
| − | portmap ypserv ypbind: 10. | + | portmap ypserv ypbind: 10.0.0.0/255.255.255.0 |
</source> | </source> | ||
Install NIS. You will be asked to enter the domain name. The domain name is not the DNS domain name - but a unique name for the the cluster of machines sharing the same information. (I use the DNS domain name - one less thing to remember) | Install NIS. You will be asked to enter the domain name. The domain name is not the DNS domain name - but a unique name for the the cluster of machines sharing the same information. (I use the DNS domain name - one less thing to remember) | ||
| Line 17: | Line 17: | ||
</source> | </source> | ||
*Edit '''/etc/default/nis''' and set the NISSERVER line to NISSERVER = master | *Edit '''/etc/default/nis''' and set the NISSERVER line to NISSERVER = master | ||
| − | *Edit '''/etc/yp.conf''' and add a server line of the form: | + | *Edit '''/etc/yp.conf''' and add a server line of the form: |
<source lang=cli> | <source lang=cli> | ||
| − | domain | + | domain dka.local server 127.0.0.1 |
</source> | </source> | ||
*Edit '''/etc/ypserv.securenets''' remove the '''0.0.0.0''' line - insecure - and add your net/nets | *Edit '''/etc/ypserv.securenets''' remove the '''0.0.0.0''' line - insecure - and add your net/nets | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Revision as of 11:59, 19 April 2012
NIS or Network Information Services is a simple - and insecure - way of making Single Sign On in a cluster of UNIX/Linux machines. Very useful in a closed network.
Originally NIS was called YP - Yellow Pages - and the acronyms YP and NIS are used.
There are up to three roles in a NIS installation
- Master server
- The master server - shares files to slaves and clients. For example the passwd and group file
- Slave server(s)
- Maintain copies of the Master Server shared files. Provides redundancy and load balancing
- Clients
- Use the shared files - for example for single sign on. Users added on the master server
Installation of the master server
Add the following line to /etc/hosts.allow.
portmap ypserv ypbind: 10.0.0.0/255.255.255.0Install NIS. You will be asked to enter the domain name. The domain name is not the DNS domain name - but a unique name for the the cluster of machines sharing the same information. (I use the DNS domain name - one less thing to remember)
apt-get install portmap nis- Edit /etc/default/nis and set the NISSERVER line to NISSERVER = master
- Edit /etc/yp.conf and add a server line of the form:
domain dka.local server 127.0.0.1- Edit /etc/ypserv.securenets remove the 0.0.0.0 line - insecure - and add your net/nets