Date: Mon, 22 Mar 2004 17:50:21 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Jamel Brown <viril29@yahoo.com> Cc: questions@freebsd.org Subject: Re: Problem Setting up NIS Server and Client Message-ID: <20040322175021.GA19855@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <20040322120826.55760.qmail@web60508.mail.yahoo.com> References: <20040322120826.55760.qmail@web60508.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--mP3DRpeJDSE+ciuQ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Mar 22, 2004 at 04:08:26AM -0800, Jamel Brown wrote:
[...]
> I'm having several problems setting up nis on my
> system I have 4 computers that I am trying to setup
> nis on. The roles I would like my computers to play
> are as follows Freebsd1 Server, Freebsd2 Slave,
> Freebsd3 Client, and Freebsd4 Client. I have been
> trying to set up NIS according to what the FreeBSD
> hand book says several times but all with no luck. Ok
> here's is another thing I?m new to FreeBSD so I don?t
> know how to use vi and vipw very well so I always use
> Pico or edit instead please let me know if I am
> causing the problem by not using these programs. Also
> if you notice I have missed anything please let me
> know. I am not going to explain freebsd4 because
> freebsd3 is the same as it. Everything I typed in is
> after a fresh install of FreeBSD this is no other
> programs running except what is listed in /etc/rc.conf
> Also Please Type in the exact command needed to fix my
> problem if at all possible as I have stated before I
> am new to FreeBSD so please assume I don?t know.
[...]
Wow. Excellent report. However, you seem to have done everything
correctly, so far.
You need to enable 'portmap' on all your machines. Add:
portmap_enable=3D"YES"
If you don't want to reboot all those machines, you can just start
portmap from the command line:
# /usr/sbin/portmap
Note that portmap enabled machines need extra care if they're exposed
to the internet: you should set up firewalls to prevent external
access to port 111 and the high-numbered ports that RPC based services
use. You can also use tcp_wrappers to good effect to protect portmap:
see the examples in /etc/hosts.allow, but be aware that portmap is a
special case which you have to configure access by IP number rather
than hostname.
Once that has been enabled, you should be able to run:
% rpcinfo
to see what RPC services are available on your hosts,
% ypwhich
to show which NIS server that host has bound to, and:
% ypcat passwd
to download one of your NIS maps and prove that it's accessible from
that host.
After all that, the NIS userids should be accessible from your client
machines, given that you've put the correct magic token in the
/etc/master.passwd and /etc/group files.
One thing that can help if the clients are refusing to bind properly
to the server is to put:
nis_client_flags=3D"-S compulinux.org,freebsd1.compulinux.org,freebsd2.=
compulinux.org"
See ypbind(8) for more details.
For setting up NIS users, use pw(8) rather than adduser(8). pw(8) has
a '-V' flags which you can use to make it modify your master.passwd
and group files in /var/yp rather than /etc. Unfortunately, and for
reasons I don't really understand, this will also cause pw(8) to
silently fail to create home directories. However, once the account
has been created in NIS, you should be able to use:
# pw usermod -n username -m
to create the home directory for 'username'.
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
--mP3DRpeJDSE+ciuQ
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFAXydddtESqEQa7a0RAkoqAJoC64bJHkGYaMEAyNIExbk5MhBNqwCfVNZy
hgYHfcVZkUq8lUfYTngK2WY=
=yRk/
-----END PGP SIGNATURE-----
--mP3DRpeJDSE+ciuQ--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040322175021.GA19855>