Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Linux NIS / NIS+ Tutorial
Previous Page Home Next Page

7. Setting Up the NIS Client

7.1. The ypbind daemon

After you have succesfully compiled the software you are now ready to install it. A suitable place for the ypbind daemon is the directory /usr/sbin. Some people may tell you that you don't need ypbind on a system with NYS. This is wrong. ypwhich and ypcat need it always.

You must do this as root of course. The other binaries (ypwhich, ypcat, yppasswd, yppoll, ypmatch) should go in a directory accessible by all users, normally /usr/bin.

Newer ypbind versions have a configuration file called /etc/yp.conf. You can hardcode a NIS server there - for more info see the manual page for ypbind(8). You also need this file for NYS. An example:

ypserver 10.10.0.1
ypserver 10.0.100.8
ypserver 10.3.1.1

If the system can resolve the hostnames without NIS, you may use the name, otherwise you have to use the IP address. ypbind 3.3 has a bug and will only use the last entry (ypserver 10.3.1.1 in the example). All other entries are ignored. ypbind-mt handle this correct and uses that one, which answerd at first.

It might be a good idea to test ypbind before incorporating it in the startup files. To test ypbind do the following:

  • Make sure you have your YP-domain name set. If it is not set then issue the command:

               /bin/domainname nis.domain
    
    where nis.domain should be some string _NOT_ normally associated with the DNS-domain name of your machine! The reason for this is that it makes it a little harder for external crackers to retreive the password database from your NIS servers. If you don't know what the NIS domain name is on your network, ask your system/network administrator.
  • Start up "/sbin/portmap" if it is not already running.

  • Create the directory /var/yp if it does not exist.

  • Start up /usr/sbin/ypbind

  • Use the command rpcinfo -p localhost to check if ypbind was able to register its service with the portmapper. The output should look like:

           program vers proto   port
            100000    2   tcp    111  portmapper
            100000    2   udp    111  portmapper
            100007    2   udp    637  ypbind
            100007    2   tcp    639  ypbind
    
    or
           program vers proto   port
            100000    2   tcp    111  portmapper
            100000    2   udp    111  portmapper
            100007    2   udp    758  ypbind
            100007    1   udp    758  ypbind
            100007    2   tcp    761  ypbind
            100007    1   tcp    761  ypbind
    
    Depending on the ypbind version you are using.
  • You may also run rpcinfo -u localhost ypbind. This command should produce something like:

            program 100007 version 2 ready and waiting
    
    or
            program 100007 version 1 ready and waiting
            program 100007 version 2 ready and waiting
    
    The output depends on the ypbind version you have installed. Important is only the "version 2" message.

At this point you should be able to use NIS client programs like ypcat, etc... For example, ypcat passwd.byname will give you the entire NIS password database.

IMPORTANT: If you skipped the test procedure then make sure you have set the domain name, and created the directory

    /var/yp

This directory MUST exist for ypbind to start up succesfully.

To check if the domainname is set correct, use the /bin/ypdomainname from yp-tools 2.2. It uses the yp_get_default_domain() function which is more restrict. It doesn't allow for example the "(none)" domainname, which is the default under Linux and makes a lot of problems.

If the test worked you may now want to change your startupd files so that ypbind will be started at boot time and your system will act as a NIS client. Make sure that the domainname will be set before you start ypbind.

Well, that's it. Reboot the machine and watch the boot messages to see if ypbind is actually started.

Linux NIS / NIS+ Tutorial
Previous Page Home Next Page

 
 
  Published under the terms of the Open Publication License Design by Interspire