2015/10/05

NIS

Introduccion:

Instalar un Network Information System (NIS)

Requerimientos:

* FreeBSD instalado
* Conexion a Internet
* Leer este tutorial

Manuales:

https://www.freebsd.org/doc/handbook/network-nis.html
http://daemon-notes.com/articles/network/unix-lan/nis
http://blog.zespre.com/posts/2014/12/freebsd-nis-nfs

Proceso:

-------------------------------------------------------------------------------------------------------------------------------------
NIS Master Server

# cat /etc/rc.conf
...
# Network Information System (NIS)
# NIS Master Server
nisdomainname="samdom.dominio.com"
nis_server_enable="YES"
nis_yppasswdd_enable="YES"
# A server that is also a client
nis_client_enable="YES" # run client stuff as well
nis_client_flags="-S samdom.dominio.com,alpha"

# mkdir /var/yp/samdom.dominio.com

# service ypserv start

# cp /etc/master.passwd /var/yp/master.passwd
# cd /var/yp
# edit /var/yp/master.passwd

Borro todos los usuarios especiales y solo dejo los que iniciaran en los equipos.

# chmod 0600 /var/yp/master.passwd

# ypinit -m samdom.dominio.com
Server Type: MASTER Domain: samdom.dominio.com

Creating an YP server will require that you answer a few questions.
Questions will all be asked at the beginning of the procedure.

Do you want this procedure to quit on non-fatal errors? [y/n: n] 

Ok, please remember to go back and redo manually whatever fails.
If you don't, something might not work.

Can we destroy the existing /var/yp/samdom.dominio.com and its contents? [y/n: n]  y

At this point, we have to construct a list of this domains YP servers.
alpha.samdom.dominio.com is already known as master server.
Please continue to add any slave servers, one per line. When you are
done with the list, type a <control D>.
        master server   :  alpha.samdom.dominio.com
        next host to add:  ^D
The current list of NIS servers looks like this:

alpha.samdom.dominio.com

Is this correct?  [y/n: y]  y

[..output from map generation..]

NIS Map update completed.

alpha.samdom.dominio.com has been setup as an YP master server without any errors.

# adduser
Username: jdoe
Full name: John Doe
Uid (Leave empty for default):
Login group [jdoe]:
Login group is jdoe. Invite jdoe into other groups? []:
Login class [default]:
Shell (sh csh tcsh nologin) [sh]:
Home directory [/home/jdoe]:
Home directory permissions (Leave empty for default):
Use password-based authentication? [yes]:
Use an empty password? (yes/no) [no]:
Use a random password? (yes/no) [no]:
Enter password:
Enter password again:
Lock out the account after creation? [no]:
Username   : jdoe
Password   : *****
Full Name  : John Doe
Uid        : 1002
Class      :
Groups     : jdoe
Home       : /home/jdoe
Home Mode  :
Shell      : /bin/sh
Locked     : no
OK? (yes/no): yes
adduser: INFO: Successfully added (jdoe) to the user database.
Add another user? (yes/no): no
Goodbye!

# cd /var/yp

# make samdom.dominio.com
`samdom.dominio.com' is up to date.

# cat /var/yp/securenets
# allow connections from local host -- mandatory
127.0.0.1       255.255.255.255
# allow connections from my LAN
# on    the 192.168.128.0 network
#192.168.128.0  255.255.255.0
# on    the 172.16.0.0 network
172.16.0.0      255.255.0.0
# allow connections from any host
# between 10.0.0.0 to 10.0.15.255
#10.0.0.0       255.255.240.0

# shutdown -r now

# dmesg -a
...
Setting NIS domain: samdom.dominio.com.
Starting rpcbind.
Starting ypserv.
Starting ypbind.

-------------------------------------------------------------------------------------------------------------------------------------
NIS Slave Server

# cat /etc/rc.conf
...
# Network Information System (NIS)
# NIS Slave Server
nisdomainname="samdom.dominio.com"
nis_server_enable="YES"
nis_yppasswdd_enable="YES"
# A server that is also a client
nis_client_enable="YES" # run client stuff as well
nis_client_flags="-S samdom.dominio.com,alpha"

# mkdir /var/yp/samdom.dominio.com

# ypinit -s alpha samdom.dominio.com
Server Type: SLAVE Domain: samdom.dominio.com Master: alpha

Creating an YP server will require that you answer a few questions.
Questions will all be asked at the beginning of the procedure.

Do you want this procedure to quit on non-fatal errors? [y/n: n]  n

Ok, please remember to go back and redo manually whatever fails.
If not, something might not work.
There will be no further questions. The remainder of the procedure
should take a few minutes, to copy the databases from alpha.
Transferring netgroup...
ypxfr: Exiting: Map successfully transferred
Transferring netgroup.byuser...
ypxfr: Exiting: Map successfully transferred
Transferring netgroup.byhost...
ypxfr: Exiting: Map successfully transferred
Transferring master.passwd.byuid...
ypxfr: Exiting: Map successfully transferred
Transferring passwd.byuid...
ypxfr: Exiting: Map successfully transferred
Transferring passwd.byname...
ypxfr: Exiting: Map successfully transferred
Transferring group.bygid...
ypxfr: Exiting: Map successfully transferred
Transferring group.byname...
ypxfr: Exiting: Map successfully transferred
Transferring services.byname...
ypxfr: Exiting: Map successfully transferred
Transferring rpc.bynumber...
ypxfr: Exiting: Map successfully transferred
Transferring rpc.byname...
ypxfr: Exiting: Map successfully transferred
Transferring protocols.byname...
ypxfr: Exiting: Map successfully transferred
Transferring master.passwd.byname...
ypxfr: Exiting: Map successfully transferred
Transferring networks.byname...
ypxfr: Exiting: Map successfully transferred
Transferring networks.byaddr...
ypxfr: Exiting: Map successfully transferred
Transferring netid.byname...
ypxfr: Exiting: Map successfully transferred
Transferring hosts.byaddr...
ypxfr: Exiting: Map successfully transferred
Transferring protocols.bynumber...
ypxfr: Exiting: Map successfully transferred
Transferring ypservers...
ypxfr: Exiting: Map successfully transferred
Transferring hosts.byname...
ypxfr: Exiting: Map successfully transferred

bravo has been setup as an YP slave server without any errors.
Remember to update map ypservers on alpha.

-------------------------------------------------------------------------------------------------------------------------------------
NIS Client

# cat /etc/rc.conf
...
# Network Information System (NIS)
# NIS Client
nisdomainname="samdom.dominio.com"
nis_client_enable="YES" # run client stuff as well
nis_client_flags="-S samdom.dominio.com,alpha

# /etc/netstart

# service ypbind start