Networking / Beginners

Network Information System (NIS)

NIS (formerly YP) is to UNIX, what a Domain Controller is to Windows. Basically, NIS allows a group of workstations to share a common set of configuration files such as passwords database, group database, hosts files, and so on.

NIS in conjunction with NFS can offer roaming users profile that will allow users to log into any of the NIS member workstations and feel like they're at home (same home directory and configuration).

Obviously, NIS follows Client/Server model in which there is at least one server (master server), and optionally one or more slave servers.

There are also one or more clients that are members of the "NIS Domain". This is called binding. The ypbind(8) daemon takes care of binding on the client machines.

NIS Server

To set up a NIS server, you should take a few steps. The first step is choosing your NIS domain name. The NIS domain name is a name that your NIS domain is identified with. The benefit of identifying a domain by name is that you may have multiple domains, each with its own set of workstations running on the same network without any interference.

As the NIS domain name is not necessarily your DNS domain name, it does not follow DNS naming rules. You may choose your own NIS domain name in order to avoid confusion. However, you are also free to use your DNS domain name as NIS domain name.

Either on a server or a client, you should specify the domain name in the /etc/rc.conf configuration file:

nisdomainname="example-domain"

You should also enable NIS server daemon to run during system startup, as shown here:

nis_server_enable="YES"

These are the two parameters which you need to set up a NIS domain server. However, there are a few other variables that we will discuss later in this tutorial.

Initializing NIS Server

It is necessary to initialize the NIS server. By initializing you will create a default set of centralized database files and make your server ready to serve the configuration databases to the clients.

NIS database files are kept under the /var/yp subdirectory. On a brand-new installation, you will have a Makefile under this directory, that will be used later to initialize the NIS server.

First, you need to make a copy of the password file in the /var/yp directory as follows:

# cp /etc/master.passwd /var/yp/

Then you should edit the password file and remove unnecessary accounts. This includes the system accounts such as daemon, operator, bin, etc. Please note that the system accounts use UID lesser than 1000. You may also want to keep the root account, and add a few accounts to the file, before initializing the server.

When you are finished with the password file, you are ready to initialize the NIS server for the first time. To do so, the ypinit(8) command will be used. The ypinit(8) command initializes a master or slave NIS domain server for the first time. It creates initial databases and appropriate directory structure that is needed by the NIS server. The ypinit command uses the Makefile from the /var/yp directory to set up the server, so that you do not have to run the Makefile manually.

# ypinit -m example-domain
 Server Type: MASTER Domain: example-domain

 Creating an YP server will require that you answer a few questions.
 Questions will all be asked at the beginning of the procedure.

 Do you want this procedure to quit on non-fatal errors? [y/n: n]

 Ok, please remember to go back and redo manually whatever fails.
 If you don't, something might not work.

 At this point, we have to construct a list of this domains YP
 servers.
 server.example.org is already known as master server.
 Please continue to add any slave servers, one per line. When you
 are done with the list, type a <control D>.
	master server : server.example.org
	next host to add: ^D
 The current list of NIS servers looks like this:
 server.example.org

 Is this correct? [y/n: y]
 Building /var/yp/example-domain/ypservers...
 Running /var/yp/Makefile...
 NIS Map update started on Sun Dec 16 00:32:45 IRST 2007 for domain
 example-domain
 Updating hosts.byname...
 Updating hosts.byaddr...
 yp_mkdb: duplicate key '192.168.0.5' - skipping
 Updating networks.byaddr...
 yp_mkdb: no key -- check source file for blank lines
 yp_mkdb: no key -- check source file for blank lines
 Updating networks.byname...
 yp_mkdb: no key -- check source file for blank lines
 yp_mkdb: no key -- check source file for blank lines
 Updating protocols.bynumber...
 Updating protocols.byname...
 Updating rpc.byname...
 yp_mkdb: duplicate key 'rpcbind' - skipping
 Updating rpc.bynumber...
 Updating services.byname...
 yp_mkdb: duplicate key 'compressnet/tcp' - skipping
 yp_mkdb: duplicate key 'compressnet/udp' - skipping
 yp_mkdb: duplicate key 'mit-ml-dev/tcp' - skipping
 yp_mkdb: duplicate key 'mit-ml-dev/udp' - skipping
 Updating shells...
 Updating group.byname...
 Updating group.bygid...
 Updating passwd.byname...
 Updating passwd.byuid...
 Updating master.passwd.byname...
 Updating master.passwd.byuid...
 Updating netid.byname...
 Updating amd.map...
 NIS Map update completed.

 server.example.org has been setup as an YP master server 
 without any errors.

Now your server is initialized. The /var/yp directory should now contain two new files and a folder. The passwd file is just like a typical password file created using the custom master.passwd that we created for our NIS server. The ypservers file also contains the names of all master and slave servers for the domain.

A directory named example-domain (which is the same as the domain name on your system) containing NIS server's database files is also created with the default values.

Now you can start your NIS server by running appropriate rc script manually, or by rebooting the server:

# /etc/rc.d/ypserve start
[Previous] [Contents]