NIS

add to rc.conf

nisdomainname="csna"
nis_server_enable="YES"
nis_yppasswdd_enable="YES"
nis_client_enable="YES"
nis_client_flags="-S csna,csna1"

start yp service

domainname csna
service ypserv start

init master

cp /etc/master.passwd /var/yp/master.passwd
cp /etc/group /var/yp/group
cd /var/yp
vi master.passwd # delete admin account
vi group # delete admin group
vi Makefile
# comment out this line: NOPUSH = "True"
make
ypinit -m
<code>
Server Type: MASTER Domain: csna

Creating an YP server will require that you answer a few questions.
Questions will all be asked at the beginning of the procedure.

Do you want this procedure to quit on non-fatal errors? [y/n: n]  n

Ok, please remember to go back and redo manually whatever fails.
If you don't, something might not work. 

Can we destroy the existing /var/yp/csna and its contents? [y/n: n]  y

At this point, we have to construct a list of this domains YP servers.
csna is already known as master server.
Please continue to add any slave servers, one per line. When you are
done with the list, type a <control D>.
	master server   :  csna
	next host to add:  ^D
The current list of NIS servers looks like this:

csna

Is this correct?  [y/n: y]  y

start yp password daemon

service yppasswdd start

add to rc.conf

nisdomainname="csna"
nis_client_enable="YES"
nis_client_flags="nis_yppasswdd_flags="-t /etc/master.passwd" -S csna,csna1"

domainname csna
service ypbind start

install mkhomedir pam

sudo pkg install pam_mkhomedir

add following to the session section of /etc/pam.d/system

session         required        /usr/local/lib/pam_mkhomedir.so

vipw and add following line

+:*::::::::

vi /etc/group and add following line

+:*::

or edit /etc/nsswitch.conf remove

group: compat
group_compat: nis
passwd: compat
passwd_compat: nis

add

group: files nis
passwd: files nis

rpcinfo -p serverhost
ypwhich
ypcat -x
ypcat passwd
ps aux | grep yp # must have only one process for ypbind

ref

http://mail.lsps.tp.edu.tw/~gsyan/freebsd2001/pam_ldap.html