| FAQs article 1014 |
|---|
Document ID: 1014
SYNOPSIS: How to setup NIS+ in Solaris 2.x
DETAIL DESCRIPTION:
How to setup NIS+ in Solaris 2.x.
SOLUTION SUMMARY:
Here's the steps on how to setup an NIS+ server (sunday) and an NIS+
client (sunduster).
(on the NIS+ server)
sunday# nisserver -rYd orange-demo.West.Sun.Com.
sunday# cd /etc
sunday# nispopulate -F
sunday# nisclient -c sunduster
sunday# nisaddcred -p unix.sunduster@orange-demo.West.Sun.Com -P
sunduster.or.
(then on the NIS+ client)
sunduster# domainname orange-demo.West.Sun.Com
sunduster# domainname /etc/defaultdomain
sunduster# cd /etc
sunduster# mv nsswitch.conf nsswitch.conf.orig
sunduster# cp nsswitch.nisplus nsswitch.conf
sunduster# ps -ef | grep nis_cachemgr
sunduster# nisinit -cH sunday
sunduster# ps -ef | grep keyserv
root 95 1 2 11:19:03 ? 0:00 /usr/sbin/keyserv
root 308 289 3 14:42:49 pts/1 0:00 grep keyserv
sunduster# kill 95
sunduster# keyserv
sunduster# keylogin -r
sunduster# init 6
(that's it)
------------------------------------------------------------------
(Here's the example with messages. Several clients are setup
here.)
sunday# nisserver -rYd orange-demo.West.Sun.Com.
This script sets up this machine "sunday" as a NIS+
Root Master Server for domain orange-demo.West.Sun.Com.
Domainname : orange-demo.West.Sun.Com.
NIS+ Group : admin.orange-demo.West.Sun.Com.
YP compatibility : ON
Security level : 2=DES
Is this information correct? (Y or N) y
This script will set up your machine as a Root Master server for
domain orange-demo.West.Sun.Com.
WARNING: this script removes directories and files related to
NIS+ under /var/nis directory with the exception of the
NIS_COLD_START and NIS_SHARED_DIRCACHE files which will be
** renamed to <file .no_nisplus. If you want to save these files,
you should abort from this script now to save these files first.
WARNING: once this script is executed, you will not be able to
restore the existing NIS+ server environment. However, you can
restore your NIS+ client environment using "nisclient -i"
with the proper domainname and server information.
Do you want to continue? (Y or N) y
setting up domain information "orange-demo.West.Sun.Com." ...
setting up switch information ...
running nisinit ...
This machine is in the orange-demo.West.Sun.Com. NIS+ domain.
Setting up root server ...
All done.
starting root server at security level 0 ...
running nissetup ...
org_dir.orange-demo.West.Sun.Com. created
groups_dir.orange-demo.West.Sun.Com. created
passwd.org_dir.orange-demo.West.Sun.Com. created
group.org_dir.orange-demo.West.Sun.Com. created
auto_master.org_dir.orange-demo.West.Sun.Com. created
auto_home.org_dir.orange-demo.West.Sun.Com. created
bootparams.org_dir.orange-demo.West.Sun.Com. created
cred.org_dir.orange-demo.West.Sun.Com. created
ethers.org_dir.orange-demo.West.Sun.Com. created
hosts.org_dir.orange-demo.West.Sun.Com. created
mail_aliases.org_dir.orange-demo.West.Sun.Com. created
sendmailvars.org_dir.orange-demo.West.Sun.Com. created
netmasks.org_dir.orange-demo.West.Sun.Com. created
netgroup.org_dir.orange-demo.West.Sun.Com. created
networks.org_dir.orange-demo.West.Sun.Com. created
protocols.org_dir.orange-demo.West.Sun.Com. created
rpc.org_dir.orange-demo.West.Sun.Com. created
services.org_dir.orange-demo.West.Sun.Com. created
timezone.org_dir.orange-demo.West.Sun.Com. created
adding credential for sunday.orange-demo.West.Sun.Com...
Enter login password:
Wrote secret key into /etc/.rootkey
setting NIS+ group admin.orange-demo.West.Sun.Com. ...
restarting root server at security level 2 ...
The system is now configured as a root server for domain orange-
demo.West.Sun. You can now populate the standard NIS+ tables by
using the nispopulate or /usr/lib/nis/nisaddent commands.
sunday# cd /etc
sunday# nispopulate -F
NIS+ Domainname : orange-demo.West.Sun.Com.
Directory Path : (current directory)
Is this information correct? (Y or N) y
This script will populate the following NIS+ tables for domain
orange-demo.West.Sun.Com. from the files in current directory:
auto_master auto_home ethers group hosts networks passwd
protocols services rw
Do you want to continue? (Y or N) y
populating auto_master table from file ./auto_master...
auto_master table done.
populating auto_home table from file ./auto_home...
auto_home table done.
**WARNING: file ./ethers does not exist!
ethers table will not be loaded.
populating group table from file ./group...
group table done.
populating hosts table from file ./hosts...
hosts table done.
Populating the NIS+ credential table for domain orange-
demo.West.Sun.Com. from hosts table. The passwd used will be
nisplus.
dumping hosts table...
loading credential table...
The credential table for domain orange-demo.West.Sun.Com. has
been populated.
populating networks table from file ./networks...
networks table done.
populating passwd table from file ./passwd...
passwd table done.
Populating the NIS+ credential table for domain orange-
demo.West.Sun.Com.from passwd table. The passwd used will be
nisplus.
dumping passwd table...
loading credential table...
nisaddcred: need not add LOCAL entry for root
nisaddcred: unable to create credential.
nisaddcred: need not add LOCAL entry for root
nisaddcred: unable to create credential.
The credential table for domain orange-demo.West.Sun.Com. has
been populated.
populating protocols table from file ./protocols...
protocols table done.
populating services table from file ./services...
services table done.
populating rpc table from file ./rpc...
rpc table done.
populating netmasks table from file ./netmasks...
netmasks table done.
**WARNING: file ./bootparams does not exist!
bootparams table will not be loaded.
**WARNING: file ./netgroup does not exist!
netgroup table will not be loaded.
populating aliases table from file ./aliases...
aliases table done.
populating shadow table from file ./shadow...
shadow table done.
nispopulate failed to populate the following tables:
ethers bootparams netgroup
sunday# nisclient -c sunduster
You will be adding DES credentials in domain
orange-demo.West.Sun.Com. for sunduster
** nisclient will not overwrite any existing entries in the
** credential table.
Do you want to continue? (Y or N) y
checking orange-demo.West.Sun.Com. domain...
checking cred.org_dir.orange-demo.West.Sun.Com. permission...
.... principal sunduster already exist -- skipped!
sunday# nisclient -c sunlx
You will be adding DES credentials in domain
orange-demo.West.Sun.Com. for sunlx
** nisclient will not overwrite any existing entries in the
** credential table.
Do you want to continue? (Y or N) y
checking orange-demo.West.Sun.Com. domain...
checking cred.org_dir.orange-demo.West.Sun.Com. permission...
.... principal sunlx already exist -- skipped!
sunday# nisclient -c fireball
You will be adding DES credentials in domain
orange-demo.West.Sun.Com. for fireball
** nisclient will not overwrite any existing entries in the
** credential table.
Do you want to continue? (Y or N) y
checking orange-demo.West.Sun.Com. domain...
checking cred.org_dir.orange-demo.West.Sun.Com. permission...
.... principal fireball already exist -- skipped!
sunday# nisclient -c sunsnap
You will be adding DES credentials in domain
orange-demo.West.Sun.Com. for sunsnap
** nisclient will not overwrite any existing entries in the
** credential table.
Do you want to continue? (Y or N) y
checking orange-demo.West.Sun.Com. domain...
checking cred.org_dir.orange-demo.West.Sun.Com. permission...
.... principal sunsnap already exist -- skipped!
sunday# nisclient -c solaris2
You will be adding DES credentials in domain
orange-demo.West.Sun.Com. for solaris2
** nisclient will not overwrite any existing entries in the
** credential table.
Do you want to continue? (Y or N) y
checking orange-demo.West.Sun.Com. domain...
checking cred.org_dir.orange-demo.West.Sun.Com. permission...
.... principal solaris2 already exist -- skipped!
sunday#
------------------------------------------------------------------
sunday% su
Password:
# nisaddcred -p unix.sunduster@orange-demo.West.Sun.Com -P
sunduster.orange-d.
Updating key pair for unix.sunduster@orange-demo.West.Sun.Com
(sunduster.oran.
Enter sunduster.orange-demo.West.Sun.Com's root login password:
Retype password:
# nisgrep sunduster cred.org_dir
sunduster.orange-demo.West.Sun.Com.:DES:unix.sunduster@orange-
demo.West.Sun.C3
# nisls cred.org_dir
cred.org_dir.orange-demo.West.Sun.Com.
------------------------------------------------------------------
sunday# rlogin sunduster
Last login: Wed Nov 3 14:21:51 from sunday
Sun Microsystems Inc. SunOS 5.2 Generic March 1993
you have mail
# /bin/csh
sunduster# domainname
sunduster# cd /etc
sunduster# domainname orange-demo.West.Sun.Com
sunduster# domainname
orange-demo.West.Sun.Com
sunduster# domainname /etc/defaultdomain
sunduster# cat /etc/defaultdomain
orange-demo.West.Sun.Com
sunduster# more /etc/nsswitch.conf
#
# /etc/nsswitch.files:
#
# An example file that could be copied over to
# /etc/nsswitch.conf;
# it does not use any naming service.
#
# "hosts:" and "services:" in this file are used only if the
# /etc/netconfig file contains "switch.so" as a nametoaddr
# library for "inet" transports.
passwd: files
group: files
hosts: files
networks: files
protocols: files
rpc: files
ethers: files
netmasks: files
bootparams: files
publickey: files
# At present there isn't a 'files' backend for netgroup; the
# system will figure it out pretty quickly, and won't use
# netgroups at all.
netgroup: files
automount: files
aliases: files
services: files
sunduster# more /etc/nsswitch.nisplus
#
# /etc/nsswitch.nisplus:
#
# An example file that could be copied over to
# /etc/nsswitch.conf;
# it uses NIS+ (NIS Version 3) in conjunction with files.
#
# "hosts:" and "services:" in this file are used only if the
# /etc/netconfig file contains "switch.so" as a nametoaddr
# library for "inet" transports.
# the following two lines obviate the "+" entry in /etc/passwd
# and /etc/group.
passwd: files nisplus
group: files nisplus
# consult /etc "files" only if nisplus is down.
hosts: nisplus [NOTFOUND=return] files
#Uncomment the following line, and comment out the above, to use
#both DNS and+ hosts: nisplus dns [NOTFOUND=return] files
services: nisplus [NOTFOUND=return] files
networks: nisplus [NOTFOUND=return] files
protocols: nisplus [NOTFOUND=return] files
rpc: nisplus [NOTFOUND=return] files
ethers: nisplus [NOTFOUND=return] files
netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
publickey: nisplus
netgroup: nisplus
automount: files nisplus
aliases: files nisplus
sendmailvars: files nisplus
sunduster# cd /etc
sunduster# mv nsswitch.conf nsswitch.conf.orig
sunduster# cp nsswitch.nisplus nsswitch.conf
sunduster# ls /var/nis
sunduster# ps -ef | grep nis_cachemgr
sunduster# cat /etc/hosts
#
# Internet host table
#
127.0.0.1 localhost
#
129.153.22.244 sunduster loghost
129.153.22.2 sunday
129.153.22.50 tucson
129.153.22.58 ocloaner
129.153.22.30 sunlx
129.153.22.40 classic
129.153.22.20 ss1000
129.153.22.35 jaguar
sunduster# nisinit -cH sunday
This machine is in the orange-demo.West.Sun.Com. NIS+ domain.
Setting up NIS+ client ...
All done.
sunduster# ps -ef | grep keyserv
root 95 1 2 11:19:03 ? 0:00 /usr/sbin/keyserv
root 308 289 3 14:42:49 pts/1 0:00 grep keyserv
sunduster# kill 95
sunduster# keyserv
sunduster# keylogin -r
Password:
Wrote secret key into /etc/.rootkey
sunduster# init 6
sunduster# Connection closed.
sunday#
DATE APPROVED: 09/16/97
KEYWORDS: setup NIS+ server client
OS RELEASE: 2.x
|
Home
|
Free Services
|
Contract Services
|
Account Services
Table of Contents | Comments about SunSolve | Help | SunSolve FAQ's |