差異處

這裏顯示兩個版本的差異處。

連向這個比對檢視

Both sides previous revision 前次修改
下次修改 		前次修改
nis [2017/01/04 21:39]
127.0.0.1 		nis [2017/01/12 21:11] (目前版本)
jz
行 3: 行 3:
 ===== server ===== ===== server =====
  
 +add to rc.conf
  
-rc.conf 
 <​code>​ <​code>​
 nisdomainname="​csna"​ nisdomainname="​csna"​
-nis_server_enable="​YES" ​        ​+nis_server_enable="​YES"​
 nis_yppasswdd_enable="​YES"​ nis_yppasswdd_enable="​YES"​
 nis_client_enable="​YES"​ nis_client_enable="​YES"​
-nis_client_flags="​-S ​NIS domain,server"+nis_client_flags="​-S ​csna,csna1"
 </​code>​ </​code>​
  
 +start yp service 
 +<​code>​ 
 +domainname csna
 service ypserv start service ypserv start
 +</​code>​
  
 +init master
 +<​code>​
 cp /​etc/​master.passwd /​var/​yp/​master.passwd cp /​etc/​master.passwd /​var/​yp/​master.passwd
 +cp /etc/group /​var/​yp/​group
 cd /var/yp cd /var/yp
-vi master.passwd+vi master.passwd ​# delete admin account 
 +vi group # delete admin group
 vi Makefile vi Makefile
-comment out +comment out this line: NOPUSH = "​True"​ 
-NOPUSH = "​True"​ +make 
 +ypinit -m
 <​code>​ <​code>​
-freebsd@csna:/​var/​yp % sudo ypinit -m csna 
-Server Type: MASTER Domain: csna 
- 
-Creating an YP server will require that you answer a few questions. 
-Questions will all be asked at the beginning of the procedure. 
- 
-Do you want this procedure to quit on non-fatal errors? [y/n: n]  n 
- 
-Ok, please remember to go back and redo manually whatever fails. 
-If you don't, something might not work.  
- 
-Can we destroy the existing /​var/​yp/​csna and its contents? [y/n: n]  ​ 
-OK, please clean it up by hand and start again. ​ Bye 
-freebsd@csna:/​var/​yp % sudo ypinit -m csna 
 Server Type: MASTER Domain: csna Server Type: MASTER Domain: csna
  
行 55: 行 48:
 done with the list, type a <control D>. done with the list, type a <control D>.
  master server ​  : ​ csna  master server ​  : ​ csna
- next host to add:  csna-slave1 
  next host to add:  ^D  next host to add:  ^D
 The current list of NIS servers looks like this: The current list of NIS servers looks like this:
  
 csna csna
-csna-slave1 
  
 Is this correct? ​ [y/n: y]  y Is this correct? ​ [y/n: y]  y
 </​code>​ </​code>​
  
 +start yp password daemon
 +<​code>​
 +service yppasswdd start
 +</​code>​
  
 ===== client ===== ===== client =====
-ypinit ​-s nisserver nisdomain+add to rc.conf 
 + 
 +<​code>​ 
 +nisdomainname="​csna"​ 
 +nis_client_enable="​YES"​ 
 +nis_client_flags="​nis_yppasswdd_flags="​-t /​etc/​master.passwd"​ -S csna,​csna1"​ 
 +</​code>​ 
 + 
 +<​code>​ 
 +domainname csna 
 +service ypbind start 
 +</​code>​ 
 + 
 +==== allow nis account to login to client ==== 
 + 
 +install mkhomedir pam 
 +<​code>​ 
 +sudo pkg install pam_mkhomedir 
 +</​code>​ 
 + 
 +add following to the session section of /​etc/​pam.d/​system 
 +<​code>​ 
 +session ​        ​required ​       /​usr/​local/​lib/​pam_mkhomedir.so 
 +</​code>​ 
 + 
 +==== allow nis account to login to client ==== 
 + 
 +''​vipw''​ and add following line 
 +<​code>​ 
 ++:​*::::::::​ 
 +</​code>​ 
 + 
 +''​vi /​etc/​group''​ and add following line 
 +<​code>​ 
 ++:*:: 
 +</​code>​ 
 + 
 +or edit ''/​etc/​nsswitch.conf''​ 
 +remove 
 +<​code>​ 
 +group: compat 
 +group_compat:​ nis 
 +passwd: compat 
 +passwd_compat:​ nis 
 +</​code>​ 
 + 
 +add 
 +<​code>​ 
 +group: files nis 
 +passwd: files nis 
 +</​code>​ 
 + 
 +===== debug ===== 
 +<​code>​ 
 +rpcinfo -p serverhost 
 +ypwhich 
 +ypcat -x 
 +ypcat passwd 
 +ps aux | grep yp # must have only one process for ypbind 
 +</​code>​ 
  
-nis_yppasswdd_flags="​-t /​var/​yp/​master.passwd" ​   //指定 NIS 密碼檔路徑 +**ref**
-rpcbind_enable="​YES" ​                             //4.x 為啟動 portmap+
  
 +[[http://​mail.lsps.tp.edu.tw/​~gsyan/​freebsd2001/​pam_ldap.html]]