歡迎您光臨本站 註冊首頁

linux -nis

←手機掃碼閱讀     火星人 @ 2014-03-08 , reply:0

NIS網路信息服務


38-1

註:

1)rpc 遠程進程調用

2)Ypserver 驗證用戶身份

3)yppasswd 用戶更改伺服器的口令

NIS、域、工作組的區別:

1).NIS網路信息服務

NIS

MASTER,SLAVE

2).域:

是集中管理的.DC(域的管理者)

--NIS管理類似於域管理.

3).工作組:

是管理分散的的

1.安裝NIS服務相關的包

安裝

ypserver,yppasswdd,默認portmap是安裝過的.

[root@myhost ~]# mount /dev/cdrom /mnt/cdrom

[root@myhost ~]# rpm -qa ypserver

[root@myhost ~]# rpm -qa |grep portmap

portmap-4.0-65.2.2.1

[root@myhost ~]# LANG=en_US.UTF-8

--查看portmap 是否正常工作的 (後跟地址可以查看某一伺服器的)

[root@myhost ~]# rpcinfo -p

program vers proto port

100000 2 tcp 111 portmapper

100000 2 udp 111 portmapper

100024 1 udp 789 status

100024 1 tcp 792 status

--查包是否已安裝

[root@myhost ~]# rpm -qa |grep ypser

[root@myhost ~]# rpm -qa |grep yppass

[root@myhost ~]# cd /mnt/cdrom/

[root@myhost cdrom]# cd /mnt/cdrom/Server/

[root@myhost Server]# ll ypser*

-r--r--r-- 99 root root 137048 Aug 12 2008 ypserv-2.19-5.el5.i386.rpm

--查看yppass 服務是否存在

[root@myhost Server]# chkconfig --list |grep yppass

-- ypass 包裹在ypserver

[root@myhost Server]# rpm -qlp ypserv-2.19-5.el5.i386.rpm |less|grep yppass*

/etc/rc.d/init.d/yppasswdd

/etc/sysconfig/yppasswdd

/usr/sbin/rpc.yppasswdd

/usr/share/man/man8/rpc.yppasswdd.8.gz

/usr/share/man/man8/yppasswdd.8.gz

[root@myhost Server]# rpm -ivh ypserv-2.19-5.el5.i386.rpm

2.啟動服務

[root@myhost Server]# chkconfig

chkconfig version 1.3.30.1 - Copyright (C) 1997-2000 Red Hat, Inc.

This may be freely redistributed under the terms of the GNU Public License.

usage: chkconfig --list [name]

chkconfig --add <name>

chkconfig --del <name>

chkconfig [--level <levels>] <name> <on|off|reset|resetpriorities>

--啟動

ypserv

[root@myhost Server]# chkconfig ypserv on

--chkconfig --level 35 yppasswdd on 可以設置在某一基本啟動

[root@myhost Server]# chkconfig --list |grep ypserv

ypserv 0:off 1:off 2:on 3:on 4:on 5:on 6:off

--啟動yppasswd

[root@myhost Server]# chkconfig yppasswdd on

[root@myhost Server]# chkconfig --list |grep yppass

yppasswdd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

[root@myhost Server]#

3.創建本地賬號導入到nis server 的資料庫

3.1創建本地賬號

[root@myhost ~]# useradd user1

[root@myhost ~]# passwd user1

[root@myhost ~]# useradd user2

[root@myhost ~]# passwd user2

[root@myhost ~]# cat /etc/passwd

[root@myhost ~]# cat /etc/shadow

3.2編輯Makefile文件

[root@myhost Server]# cd /var/yp

[root@myhost yp]# vim Makefile

# If we have only one server, we don't have to push the maps to the

# slave servers (NOPUSH=true). If you have slave servers, change this

# to "NOPUSH=false" and put all hostnames of your slave servers in the file

# /var/yp/ypservers.

23 NOPUSH=true

--

不使用推,默認不推.master主動拷貝資料給slave伺服器時是推的關係.

# MINGID is the lowest gid that will be included in the group maps.

32 MINUID=500

33 MINGID=500

--500及之後的用戶導入到nis server資料庫

55 # These are the source directories for the NIS files; normally

56 # that is /etc but you may want to move the source for the password

57 # and group files to (for example) /var/yp/ypfiles. The directory

58 # for passwd, group and shadow is defined by YPPWDDIR, the rest is

59 # taken from YPSRCDIR.

60 #

61 YPSRCDIR = /etc

62 YPPWDDIR = /etc

63 YPBINDIR = /usr/lib/yp

64 YPSBINDIR = /usr/sbin

65 YPDIR = /var/yp

66 YPMAPDIR = $(YPDIR)/$(DOMAIN)

117 all: passwd group hosts \

4.定義nis域名

[root@myhost yp]# vim /etc/sysconfig/network

--添加一行

NISDOMAIN=nisexample

[root@myhost yp]#init 6

--重啟

5.設置NIS伺服器類型

[root@nisexample yp]# /usr/lib/yp/ypinit

usage:

ypinit -m --master server

ypinit -s master --slave server

where -m is used to build the data bases on a master NIS server,

and -s is used for a slave data base. master must be an existing

reachable NIS server.

[root@nisexample ~]# /usr/lib/yp/ypinit -m

At this point, we have to construct a list of the hosts which will run NIS

servers. nisexample is in the list of NIS server hosts. Please continue to add

the names for the other hosts, one per line. When you are done with the

list, type a <control D>.

next host to add: nisexample

next host to add: --添加其他主機,如果沒有ctr d 跳過

The current list of NIS servers looks like this:

nisexample

Is this correct? [y/n: y] y

We need a few minutes to build the databases...

Building /var/yp/nisexample/ypservers...

gethostbyname(): Success

Running /var/yp/Makefile...

gmake[1]: Entering directory `/var/yp/nisexample'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

Updating hosts.byname...

Updating hosts.byaddr...

gmake[1]: Leaving directory `/var/yp/nisexample'

nisexample has been set up as a NIS master server.

Now you can run ypinit -s nisexample on all slave server.

[root@nisexample ~]# cd /var/yp/nisexample/

[root@nisexample nisexample]# ll

total 112

-rw------- 1 root root 12450 Oct 5 13:16 group.bygid

-rw------- 1 root root 12456 Oct 5 13:15 group.byname

-rw------- 1 root root 12499 Oct 5 13:16 hosts.byaddr

-rw------- 1 root root 12520 Oct 5 13:16 hosts.byname

-rw------- 1 root root 12637 Oct 5 13:15 passwd.byname

-rw------- 1 root root 12631 Oct 5 13:15 passwd.byuid

-rw------- 1 root root 12358 Oct 5 13:15 ypservers

[root@nisexample nisexample]#

6.配置客戶端

首先客戶端要加入到nis

6.1檢查ypbind

[root@nis-client ~]# chkconfig --list|grep ypb

ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off

[root@nis-client ~]# authconfig-tui

6.2把客戶端機器加入域環境

#authconfig-tui

1) 選擇

[*]use nis


38-2

2domain nisexample

server 192.168.100.70


38-3

Stopping portmap: [ OK ]

Starting portmap: [ OK ]

Binding to the NIS domain: [ OK ]

Listening for an NIS domain server.

7.伺服器上創建用戶導入到資料庫,實現在客戶端能夠登陸

[root@nis-server yp]# useradd tom

[root@nis-server yp]# passwd tom

[root@nis-server yp]# tail /etc/passwd

tom:x:503:503::/home/tom:/bin/bash

[root@nis-server yp]# pwd

/var/yp

[root@nis-server yp]#

[root@nis-server yp]# make ---–重新導出資料庫

gmake[1]: Entering directory `/var/yp/nisexample'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

gmake[1]: Leaving directory `/var/yp/nisexample'

[root@nis-server yp]#

[root@nis-server yp]#

用戶可以通過身份驗證登陸,但是會找不到家目錄,登陸出現:-bash-3.2$

8.更改用戶在客戶端登陸的家目錄問題

8.1在伺服器端

掛載server/home目錄到本地 ,用戶在本地登陸就可以找到自己的家目錄了

編輯共享清單

[root@nis-server yp]# vim /etc/exports

/home 192.168.100.0/255.255.255.0(rw,sync) –----在該網段可讀可寫、保持同步

~

啟動nfs服務

[root@nis-server yp]# service nfs start

Starting NFS services: [ OK ]

Starting NFS quotas: [ OK ]

Starting NFS daemon:

[ OK ]

Starting NFS mountd: [ OK ]

[root@nis-server yp]# exportfs rv

導出共享清單

[root@nis-server yp]# exportfs -rv

exporting 192.168.100.0/255.255.255.0:/home

[root@nis-server yp]#

8.2客戶端配置

客戶端掛載伺服器的/home

[root@nis-client ~]#

[root@nis-client ~]# mount 192.168.100.70:/home /home

[root@nis-client ~]# mount

192.168.100.70:/home on /home type nfs (rw,addr=192.168.100.70)

[root@nis-client ~]# ll /home

total 24

drwx------ 3 jim jim 4096 Oct 5 14:04 jim

drwx------ 3 tom tom 4096 Oct 5 13:45 tom

drwx------ 3 user user 4096 Sep 16 00:16 user

drwx------ 3 user1 user1 4096 Oct 5 11:38 user1

drwx------ 3 user2 user2 4096 Oct 5 11:38 user2

[root@nis-client ~]#

用戶在客戶端登陸正常:

[tom@nis-client ~]$

9.自動掛載

解決伺服器負擔

9.1Nis-server

重新創建nis的家目錄

[root@nis-server yp]# mkdir /nishome

[root@nis-server yp]# useradd -d /nishome/user9 user9

[root@nis-server yp]# useradd -d /nishome/user10 user10

[root@nis-server yp]# passwd user9

[root@nis-server yp]# passwd user10

[root@nis-server yp]# make

gmake[1]: Entering directory `/var/yp/nisexample'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

gmake[1]: Leaving directory `/var/yp/nisexample'

[root@nis-server yp]#

[root@nis-server yp]# vim /etc/exports

/nishome 192.168.100.0/255.255.255.0(rw,sync)

[root@nis-server yp]# exportfs -rv

exporting 192.168.100.0/255.255.255.0:/nishome

[root@nis-server yp]#

[root@nis-server yp]# servcie nfs restart

9.2 Nis-Client

[root@nis-client etc]# ll -d /nishome

drwxr-xr-x 2 root root 0 Oct 5 14:44 /nishome

[root@nis-client etc]# chmod o wt /nishome/

[root@nis-client etc]# ll -d /nishome

drwxr-xrwt 2 root root 0 Oct 5 14:44 /nishome

[root@nis-client ~]# vim /etc/auto.m

auto.master auto.misc

[root@nis-client ~]# vim /etc/auto.master

/nishome /etc/auto.nis --timeout=60

--添加監控文件,超出時間60

[root@nis-client ~]# cd /etc/

[root@nis-client etc]# cp auto.misc auto.nis

[root@nis-client etc]# vim auto.nis

user9 -rw,soft,intr 192.168.100.70:/nishome/user9

user10 -rw,soft,intr 192.168.100.70:/nishome/user10

有人進入user9時,可讀可寫 允許報錯 允許中斷;把伺服器的user9掛到本地user9

用戶實現客戶端的登錄

客戶機不需配置賬號

只需在伺服器上配置賬號就可以了

[root@nis-client etc]# showmount -e 192.168.100.70

Export list for 192.168.100.70:

/home 192.168.100.0/255.255.255.0

[root@nis-client etc]# service autofs restart

Stopping automount: [ OK ]

Starting automount: [ OK ]

[root@nis-client etc]#

[root@nis-client etc]# mount 192.168.100.70:/nishome /nishome

[root@nis-client etc]#

User9在客戶端登陸:

[user9@nis-client ~]$

9.3.多用戶自動掛載

Nis-server

[root@nis-server yp]# passwd user11

Changing password for user user11.

New UNIX password:

BAD PASSWORD: it is WAY too short

Retype new UNIX password:

passwd: all authentication tokens updated successfully.

[root@nis-server yp]#

[root@nis-server yp]#

[root@nis-server yp]# make

gmake[1]: Entering directory `/var/yp/nisexample'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

gmake[1]: Leaving directory `/var/yp/nisexample'

[root@nis-server yp]#

Nis-client

[root@nis-client etc]# vim /etc/auto.nis

* -rw,soft,intr 192.168.100.70:/nishome/&

用戶多了,可以用一句

*表示要進入客戶端的用戶

--*替換&

&表示將該*用戶在伺服器上的目錄自動掛載過來、

[root@nis-client etc]# service autofs restart

Stopping automount: [ OK ]

Starting automount: [ OK ]

[root@nis-client etc]#

[root@nis-client etc]#

用戶在client登陸

[user11@nis-client ~]$


[火星人 ] linux -nis已經有705次圍觀

http://coctec.com/docs/linux/show-post-46454.html