本頁是唯讀的，您可以看到原始碼，但不能更動它。您如果覺得它不應被鎖上，請詢問管理員。

====== NIS ====== ===== server ===== add to rc.conf <code> nisdomainname="csna" nis_server_enable="YES" nis_yppasswdd_enable="YES" nis_client_enable="YES" nis_client_flags="-S csna,csna1" </code> start yp service <code> domainname csna service ypserv start </code> init master <code> cp /etc/master.passwd /var/yp/master.passwd cp /etc/group /var/yp/group cd /var/yp vi master.passwd # delete admin account vi group # delete admin group vi Makefile # comment out this line: NOPUSH = "True" make ypinit -m <code> Server Type: MASTER Domain: csna Creating an YP server will require that you answer a few questions. Questions will all be asked at the beginning of the procedure. Do you want this procedure to quit on non-fatal errors? [y/n: n] n Ok, please remember to go back and redo manually whatever fails. If you don't, something might not work. Can we destroy the existing /var/yp/csna and its contents? [y/n: n] y At this point, we have to construct a list of this domains YP servers. csna is already known as master server. Please continue to add any slave servers, one per line. When you are done with the list, type a <control D>. master server : csna next host to add: ^D The current list of NIS servers looks like this: csna Is this correct? [y/n: y] y </code> start yp password daemon <code> service yppasswdd start </code> ===== client ===== add to rc.conf <code> nisdomainname="csna" nis_client_enable="YES" nis_client_flags="nis_yppasswdd_flags="-t /etc/master.passwd" -S csna,csna1" </code> <code> domainname csna service ypbind start </code> ==== allow nis account to login to client ==== install mkhomedir pam <code> sudo pkg install pam_mkhomedir </code> add following to the session section of /etc/pam.d/system <code> session required /usr/local/lib/pam_mkhomedir.so </code> ==== allow nis account to login to client ==== ''vipw'' and add following line <code> +:*:::::::: </code> ''vi /etc/group'' and add following line <code> +:*:: </code> or edit ''/etc/nsswitch.conf'' remove <code> group: compat group_compat: nis passwd: compat passwd_compat: nis </code> add <code> group: files nis passwd: files nis </code> ===== debug ===== <code> rpcinfo -p serverhost ypwhich ypcat -x ypcat passwd ps aux | grep yp # must have only one process for ypbind </code> **ref** [[http://mail.lsps.tp.edu.tw/~gsyan/freebsd2001/pam_ldap.html]]