差異處
這裏顯示兩個版本的差異處。
| Both sides previous revision 前次修改 下次修改 | 前次修改 | ||
|
nis [2017/01/05 15:58] 127.0.0.1 |
nis [2017/01/12 21:11] (目前版本) jz |
||
|---|---|---|---|
| 行 12: | 行 12: | ||
| nis_client_flags="-S csna,csna1" | nis_client_flags="-S csna,csna1" | ||
| </code> | </code> | ||
| - | domainname csna | + | |
| - | start service | + | start yp service |
| <code> | <code> | ||
| + | domainname csna | ||
| service ypserv start | service ypserv start | ||
| - | service yppasswdd start | ||
| </code> | </code> | ||
| - | make config | + | init master |
| <code> | <code> | ||
| cp /etc/master.passwd /var/yp/master.passwd | cp /etc/master.passwd /var/yp/master.passwd | ||
| + | cp /etc/group /var/yp/group | ||
| cd /var/yp | cd /var/yp | ||
| - | vi master.passwd | + | vi master.passwd # delete admin account |
| + | vi group # delete admin group | ||
| vi Makefile | vi Makefile | ||
| # comment out this line: NOPUSH = "True" | # comment out this line: NOPUSH = "True" | ||
| make | make | ||
| - | </code> | + | ypinit -m |
| - | + | ||
| - | init master | + | |
| <code> | <code> | ||
| Server Type: MASTER Domain: csna | Server Type: MASTER Domain: csna | ||
| 行 56: | 行 56: | ||
| </code> | </code> | ||
| + | start yp password daemon | ||
| + | <code> | ||
| + | service yppasswdd start | ||
| + | </code> | ||
| ===== client ===== | ===== client ===== | ||
| + | add to rc.conf | ||
| + | |||
| <code> | <code> | ||
| + | nisdomainname="csna" | ||
| + | nis_client_enable="YES" | ||
| + | nis_client_flags="nis_yppasswdd_flags="-t /etc/master.passwd" -S csna,csna1" | ||
| + | </code> | ||
| + | |||
| + | <code> | ||
| + | domainname csna | ||
| service ypbind start | service ypbind start | ||
| + | </code> | ||
| + | |||
| + | ==== allow nis account to login to client ==== | ||
| + | |||
| + | install mkhomedir pam | ||
| + | <code> | ||
| + | sudo pkg install pam_mkhomedir | ||
| + | </code> | ||
| + | |||
| + | add following to the session section of /etc/pam.d/system | ||
| + | <code> | ||
| + | session required /usr/local/lib/pam_mkhomedir.so | ||
| + | </code> | ||
| + | |||
| + | ==== allow nis account to login to client ==== | ||
| + | |||
| + | ''vipw'' and add following line | ||
| + | <code> | ||
| + | +:*:::::::: | ||
| + | </code> | ||
| + | |||
| + | ''vi /etc/group'' and add following line | ||
| + | <code> | ||
| + | +:*:: | ||
| + | </code> | ||
| + | |||
| + | or edit ''/etc/nsswitch.conf'' | ||
| + | remove | ||
| + | <code> | ||
| + | group: compat | ||
| + | group_compat: nis | ||
| + | passwd: compat | ||
| + | passwd_compat: nis | ||
| + | </code> | ||
| + | |||
| + | add | ||
| + | <code> | ||
| + | group: files nis | ||
| + | passwd: files nis | ||
| </code> | </code> | ||
| 行 68: | 行 120: | ||
| ypcat -x | ypcat -x | ||
| ypcat passwd | ypcat passwd | ||
| + | ps aux | grep yp # must have only one process for ypbind | ||
| </code> | </code> | ||
| + | |||
| + | **ref** | ||
| + | |||
| + | [[http://mail.lsps.tp.edu.tw/~gsyan/freebsd2001/pam_ldap.html]] | ||
