As soon as multiple UNIX systems in a network want to access common resources, it becomes important that all user and group identities are the same for all machines in that network. The network should be transparent to the user: whatever machine a user uses, he always finds himself in exactly the same environment. This is made possible by means of NIS and NFS services. NFS distributes file systems over a network and is discussed in Section 20.10, NFS — Shared File Systems.
NIS (Network Information Service) can be described as a database-like service that provides access to the contents of /etc/passwd, /etc/shadow, and /etc/group across networks. NIS can also be used for other purposes (to make available the contents of files like /etc/hosts or /etc/services, for instance), but this is beyond the scope of this introduction. People often refer to NIS as YP, which simply stands for the idea of the network’s “yellow pages.”
For the configuration, select NIS Server from the YaST module Network Services. If no NIS server existed so far in your network, activate Install and Set up a Master NIS Server in the next screen. If you already have a NIS server (a master), you can add a NIS slave server (for example, if you want to configure a new subnetwork). First, the configuration of the master server is described.
If some needed packages are missing, insert the respective CD or DVD as requested to install the packages automatically. Enter the domain name at the top of the configuration dialog, which is shown in Figure 20-32. With the check box, define whether the host should also be a NIS client, enabling users to log in and access data from the NIS server.
Figure 20-32 YaST: NIS Server Configuration Tool
To configure additional NIS servers (slave servers) in your network afterwards, activate Active Slave NIS Server Exists now. Select Fast Map Distribution to set fast transfer of the database entries from the master to the slave server.
To allow users in your network (both local users and those managed through the NIS server) to change their passwords on the NIS server (with the command yppasswd), activate the corresponding option. This makes Allow Changes to GECOS Field and Allow Changes to Login Shell available. “GECOS” means that the users can also change their names and address settings with the command ypchfn. “SHELL” allows users to change their default shell with the command ypchsh, for example, to switch from bash to sh.
By clicking Other Global Settings..., access a screen, shown in Figure 20-33, in which to change the source directory of the NIS server (/etc by default). In addition, passwords and groups can be merged here. The setting should be Yes so the files (/etc/passwd, /etc/shadow, and /etc/group) can be synchronized. Also determine the smallest user and group ID. Press OK to confirm your settings and return to the previous screen. Then click Next.
Figure 20-33 YaST: Changing the Directory and Synchronizing Files for a NIS Server
If you previously enabled Active Slave NIS Server Exists, enter the host names used as slaves and click Next. If you do not use slave servers, the slave configuration is skipped and you continue directly to the dialog for the database configuration. Here, specify the maps, the partial databases to transfer from the NIS server to the client. The default settings are usually adequate.
Next continues to the last dialog, shown in Figure 20-34. Specify from which networks requests can be sent to the NIS server. Normally, this is your internal network. In this case, there should be the following two entries:
255.0.0.0 127.0.0.0 0.0.0.0 0.0.0.0
The first one enables connections from your own host, which is the NIS server. The second one allows all hosts with access to the same network to send requests to the server.
Figure 20-34 YaST: Setting Request Permissions for a NIS Server
This module facilitates the configuration of the NIS client. After choosing to use NIS and, depending on the circumstances, the automounter, this dialog opens. Select whether the host has a fixed IP address or receives one issued by DHCP. DHCP also provides the NIS domain and the NIS server. For further information about DHCP, see Section 20.11, DHCP. If a static IP address is used, specify the NIS domain and the NIS server manually (see Figure 20-35). Find makes YaST search for an active NIS server in your network.
In addition, you can specify multiple domains with one default domain. Use Add to specify multiple servers including the broadcast function for the individual domains.
In the expert settings, check Answer to the Local Host Only if you do not want other hosts to be able to query which server your client is using. By checking Broken Server, the client is enabled to receive replies from a server communicating through an unprivileged port. For further information, see man ypbind.
Figure 20-35 Setting Domain and Address of NIS Server