Day - 24 NIS
Transcript of Day - 24 NIS
-
7/28/2019 Day - 24 NIS
1/16
NIS SERVER
The two common authentication services
are the Network Information Service (NIS)
and the Lightweight directory Access Protocol (LDAP).
Both NIS and LDAP allows to manage all users &
computer centrally
How Local Authentication works ?
Linux
Client
Linux
Client
Linux
Client
Linux
Client
user1
user1 user2
user2
Solution for Local Authentication
Linux
Client
Linux
Client
Linux
Client
Linux
Client
user1
user1 user2
user2
user2
user2 user1
user1
-
7/28/2019 Day - 24 NIS
2/16
How NIS works ?
Linux
Client
Linux
Client
NIS
Server
NIS
Server
LinuxClient
LinuxClient
192.168.0.253
192.168.0.253
user1
user1
user2
user2
Requirements
Packages
ypserv-2.13.5.i386.rpm
ypbind-1.17.2-3.i386.rpm
yp-tools-2.8-7.i386.rpm Port Numbers
NIS uses random port numbers
[root@comp1 ~]# rpcinfo -p
Configuration File
/var/yp/Makefile
Service
ypserv
yppasswdd
Daemons
ypserv
yppasswdd
NIS Configuration
Linux
Client
Linux
Client
NIS + NFS
Server
NIS + NFS
Server
Linux
Client
Linux
Client
/home
/home
192.168.0.253
192.168.0.253
user1
user2
user1
user2
ZOOM.COM
ZOOM.COM
Configuring NIS Server
Install the package by using one of the installation methods
[root@comp~]#rpm ivh force aid ftp://192.168.0.250/pub/Server/yp*
Install the package by using one of the installation methods
[root@comp~]#rpm ivh force aid ftp://192.168.0.250/pub/Server/yp*
Assigning an NIS domain
[root@comp1~]# nisdomainname zoom.com
Assigning an NIS domain
[root@comp1~]# nisdomainname zoom.com
Assigning an NIS domain - Permenant
[root@comp1~]# vi /etc/sysconfig/network
Assigning an NIS domain - Permenant
[root@comp1~]# vi /etc/sysconfig/network
-
7/28/2019 Day - 24 NIS
3/16
/etc/sysconfig/network
Add below line
NISDOMAIN=zoom.com
Add below line
NISDOMAIN=zoom.com
NIS Server
To restart the NIS services
[root@comp1 ~]# service portmap restart
[root@comp1 ~]# service yppasswdd restart
To restart the NIS services
[root@comp1 ~]# service portmap restart
[root@comp1 ~]# service yppasswdd restart
Configuring NIS Server
Open configuration for editing
[root@comp1~]# vi /var/yp/Makefile
Open configuration for editing
[root@comp1~]# vi /var/yp/Makefile
/var/yp/Makefile
To change the below option
NOPUSH=true
all : passwd group hosts \
To change the below option
NOPUSH=true
all : passwd group hosts \
-
7/28/2019 Day - 24 NIS
4/16
NIS Server
To restart the NIS services
[root@comp1 ~]# service ypserv restart
To restart the NIS services
[root@comp1 ~]# service ypserv restart
NIS Server
To build database of users & groups
[root@comp1 ~]# /usr/lib/yp/ypinit -m
To build database of users & groups
[root@comp1 ~]# /usr/lib/yp/ypinit -m
To create users
[root@comp1 ~]#useradd user1
[root@comp1 ~]#useradd user2
To create users
[root@comp1 ~]#useradd user1
[root@comp1 ~]#useradd user2
To update database with new users
[root@comp1 ~]# useradd user3
[root@comp1 ~]# useradd user4
[root@comp1 ~]# cd /var/yp
[root@comp1 ~]# make
To update database with new users
[root@comp1 ~]# useradd user3
[root@comp1 ~]# useradd user4
[root@comp1 ~]# cd /var/yp
[root@comp1 ~]# make
Requirements
Packages
portmap-4.0-63.i386.rpm
nfs-utils-1.0.6-46.i386.rpm
Port Numbers
2049 Nfsd
111 Portmap
Configuration File
/etc/exports
Service
portmap
nfs
Daemons
nfsd
mountdstatd
lockd
-
7/28/2019 Day - 24 NIS
5/16
Configuring NFS Server
Install the package by using one of the installation methods
[root@comp1~]# rpm ivh force aid ftp://192.168.0.250/pub/Server/yp*
Install the package by using one of the installation methods
[root@comp1~]# rpm ivh force aid ftp://192.168.0.250/pub/Server/yp*
Open configuration for editing
[root@comp1~]# vi /etc/exports
Open configuration for editing
[root@comp1~]# vi /etc/exports
/etc/exports
To add the below
/home 192.168.0.0/255.255.255.0(rw,sync)
To add the below
/home 192.168.0.0/255.255.255.0(rw,sync)
NFS Server
To restart the NFS services
[root@comp1 ~]# service nfs restart
To restart the NFS services
[root@comp1 ~]# service nfs restart
Configuring Client
Install the package by using one of the installation methods
[root@comp1~]# rpm ivh force aid ftp://192.168.0.250/pub/Server/yp*
Install the package by using one of the installation methods
[root@comp1~]# rpm ivh force aid ftp://192.168.0.250/pub/Server/yp*
Assigning an NIS domain
[root@comp1~]# nisdomainname zoom.com
Assigning an NIS domain
[root@comp1~]# nisdomainname zoom.com
Assigning an NIS domain - Permenant
[root@comp1~]# vi /etc/sysconfig/network
Assigning an NIS domain - Permenant
[root@comp1~]# vi /etc/sysconfig/network
-
7/28/2019 Day - 24 NIS
6/16
/etc/sysconfig/network
Add below line
NISDOMAIN=zoom.com
Add below line
NISDOMAIN=zoom.com
Configuring Client
Connecting to server for authentication
[root@comp1 ~]# authconfig-tui
Connecting to server for authentication
[root@comp1 ~]# authconfig-tui
Mounting home directories of the users
[root@comp1 ~]# mount 192.168.0.253:/home /home
Mounting home directories of the users
[root@comp1 ~]# mount 192.168.0.253:/home /home
Checking for connectivity
[root@comp1 ~]# ypwhich
Checking for connectivity
[root@comp1 ~]# ypwhich
How Local Authentication works ?
Linux
Client
Linux
Client
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User1
192.168.0.253192.168.0.253
user1
-
7/28/2019 Day - 24 NIS
7/16
****
How Local Authentication works ?
LinuxClientLinuxClient
NIS
Server
NIS
Server
LinuxClient
Linux
Client
User1
192.168.0.253192.168.0.253
user1
LOCAL USER DATABASE
****user1 ****
user1 foundAuthentication
SuccessfulAccess - Granted
user1 foundAuthentication
SuccessfulAccess - Granted
How Local Authentication works ?
Linux
Client
Linux
Client
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User2
192.168.0.253192.168.0.253
-
7/28/2019 Day - 24 NIS
8/16
user2 ****
How Local Authentication works ?
Linux
Client
Linux
Client
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User2
192.168.0.253192.168.0.253
user1
LOCAL USER DATABASE
****
user2 not foundAuthentication
FailAccess - Denied
user2 not foundAuthentication
FailAccess - Denied
-
7/28/2019 Day - 24 NIS
9/16
How Local Authentication works ?
LinuxClientLinuxClient
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User2
192.168.0.253192.168.0.253
user2
How Local Authentication works ?
Linux
Client
Linux
Client
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User2
192.168.0.253192.168.0.253
user2
LOCAL USER DATABASE
****user2 ****
user2 foundAuthentication
SuccessfulAccess - Granted
user2 foundAuthentication
SuccessfulAccess - Granted
-
7/28/2019 Day - 24 NIS
10/16
How Local Authentication works ?
LinuxClientLinuxClient
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User1
192.168.0.253192.168.0.253
user1 ****
-
7/28/2019 Day - 24 NIS
11/16
How Local Authentication works ?
LinuxClientLinuxClient
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User1
192.168.0.253192.168.0.253
user2
LOCAL USER DATABASE
****
user1 not foundAuthentication
FailedAccess - Denied
user1 not foundAuthentication
FailedAccess - Denied
How NIS Authentication works ?
Linux
Client
Linux
Client
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User1
192.168.0.253192.168.0.253
user1
-
7/28/2019 Day - 24 NIS
12/16
****
How NIS Authentication works ?
LinuxClientLinuxClient
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User1
192.168.0.253192.168.0.253****user2
user1
NIS USER DATABASE
****user1 ****
user1 foundAuthentication
SuccessfulAccess - Granted
user1 foundAuthentication
SuccessfulAccess - Granted
Requ
estto
NIS
forA
uthe
ntica
tionof
user1
Replyf
rom
NIS
Auth
entic
atin
g
user1
How NIS Authentication works ?
Linux
Client
Linux
Client
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User2
192.168.0.253192.168.0.253
-
7/28/2019 Day - 24 NIS
13/16
user2 ****
How NIS Authentication works ?
Linux
Client
Linux
Client
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User2
192.168.0.253192.168.0.253****user2
user1
NIS USER DATABASE
****
user2 ****
user2 foundAuthentication
SuccessfulAccess - Granted
user2 foundAuthentication
SuccessfulAccess - Granted
Requ
estto
NIS
forA
uthe
ntica
tionof
user2
Replyf
rom
NIS
Auth
entic
atin
g
user2
-
7/28/2019 Day - 24 NIS
14/16
How NIS Authentication works ?
LinuxClientLinuxClient
NIS
Server
NIS
Server
Linux
Client
Linux
Client
192.168.0.253192.168.0.253
User1
user1
****
How NIS Authentication works ?
Linux
Client
Linux
Client
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User1
192.168.0.253192.168.0.253****user2
user1
NIS USER DATABASE
****user1 ****
user1 foundAuthentication
SuccessfulAccess - Granted
user1 foundAuthentication
SuccessfulAccess - Granted
Request toNIS
forAuthenticationof
user1Replyfrom
NIS
Authenticating
user1
-
7/28/2019 Day - 24 NIS
15/16
How NIS Authentication works ?
LinuxClientLinuxClient
NIS
Server
NIS
Server
Linux
Client
Linux
Client
192.168.0.253192.168.0.253
User2
user2 ****
-
7/28/2019 Day - 24 NIS
16/16
How NIS Authentication works ?
LinuxClientLinuxClient
NIS
Server
NIS
Server
Linux
Client
Linux
Client
User2
192.168.0.253192.168.0.253****user2
user1
NIS USER DATABASE
****
user2 ****
user2 foundAuthentication
SuccessfulAccess - Granted
user2 foundAuthentication
SuccessfulAccess - Granted
Request toNIS
forAuthenticationof
user1Replyfrom
NIS
Authenticating
user1