NIS Server in RHEL/CentOS Linux – Installation, Configuration, Interview Questions, & Tips

1. Introduction

Network Information Service or NIS were originally named as Yellow Pages or YP is a directory service protocol used for distributing system configuration data across the network.

System configuration data includes usernames, passwords, groups, and hostnames which are distributed by NIS/YP server to its clients.

A NIS/YP server maintains a central repository of user and group information, hostnames, email aliases and other text-based information tables in a computer network and provides in response to NIS client queries.

A file/table data when shared by NIS server, it is referred as NIS map.

Q.1 What all data can be shared by NIS ?
All tabular files containing one column of unique values can be shared as NFS or YP map and in future, updates can also be propagated to all users.

For example:- /etc/services file shared by NFS.


2. Brief description of NIS.

Q.2 What is NIS w.r.t Linux ?
NIS is a database containing a series of files which maintains various tables and each table shares important user/system information which can be used across network to authenticate users and for retrieving/validating their information.
For example:- /etc/passwd table, /etc/services, etc maps.

Q.3 What all services required for NIS server and NIS client ?
For NIS client:

ypbind:- NIS client service used to map to NIS server.

For NIS Server:

ybind:-  NIS client daemon.
ypserv:- NIS Server daemon provides answers to NIS clients requests.
ypxfrd:- Useful for sharing NIS databases from master NIS server to slave NIS servers.

Q4. NIS server Types.
Master Server: Here all original files are stored.
Slave Server: Used for load balancing and when master NIS server is not reachable.

Q.5 What is server push ?
Process of data sync between primary NIS server and secondary NIS server is called server push.


3. NIS Domain name
NIS domain name is configured so that NIS clients can choose and join respective NIS domain/server as per their requirement.
==> Must be different from DNS domain name
==> Clients can join the NIS domain without waiting for root user/admin approval.


4. Set up NIS Client
Before going with NIS server, lets have a look how to setup NIS client or how to become client of a NIS server.

a. Install ypbind or nis package.

# yum -y install ypbind

b. Configure file /etc/yp.conf to have NIS Server updated.

# /etc/yp.conf - ypbind configuration file
ypserver 127.0.0.1

c. Start the service

On RHEL7:
# systemctl start ypbind
# systemctl enable ypbind

On RHEL6:
# service portmap start
# service yppasswdd start

# chkconfig portmap on
# chkconfig yppasswdd on

d. /etc/nsswitch file
We need to update nsswitch file to mention nis in front of files we want to look to look at NIS server.

passwd:    files nis
group:     files nis

e. Update /etc/sysconfig/network file
Update NISDOMAIN variable with value of nisdomain name in /etc/sysconfig/network file.

# cat /etc/sysconfig/network | grep NISD
NISDOMAIN="NIS-NGELINUX"


5. YP Tools
YP(Yellow Pages) Tools or NIS tools are various commands that can help us manage the NIS maps/database.
ypwhich: to get name of NIS server which is responding to our requests.
ypmatch: search nis maps by a specific key.
ypcat: reads the NIS map from the server.


6. Setup Master Linux NIS server.
a. Install the NIS server package.

# yum install ypserv
or,
# dnf -y install ypserv

Now ypserv waits for the queries and respond to NIS clients’ requests.

b. Configure NIS

# systemctl start rpcbind.     ### rpcbind for binding port to get remote requests.
# systemctl start ypserv.      ### NIS server daemon
# rpcinfo -p                   ### To confirm RPC service is running, and shows ports status.

c. Configure NIS server options
We have to edit the makefile below and configure its various options.

# vim /var/yp/makefile

Once above file is configured, run make command to prepare the list of files exported to network.

# make

d. Options of makefile

NOPUSH=false  ### make it as false to get support from slave servers.

### Checks if userid and groupid is > 500
MINUID=500
MINGID=500

MERGE_PASSWD=true   ### merges /etc/shadow password field with /etc/passwd map.
MERGE_GROUP=true.   ### merges /etc/gshadow password field with /etc/group map.

all: passwd group hosts services shadow networks
### all options specifies what all files are shared.

YPPWDIR=/etc/
### YPPWDIR options specifies location of these files i.e. /etc/.

e. Initialize NIS server using ypinit
After makefile configuration is completed, we can initialize the NIS server.

# /usr/lib64/yp/ypinit -m     #### m is for master server, s will be used for slave server.
or,
# /usr/lib/yp/ypinit -m.   ### for 32 bit systems

f. Secondary NIS servers.
Above command will ask for secondary NIS servers if any.
Else we can store them manually in /var/yp/ypservers file.


7. Most Common NIS Server Interview Questions

1. Port number of NIS 
UDP/TCP port 111, alongwith a number of ports over 1024.

2. List the most common files maintained by NIS.
/etc/passwd
/etc/group
/etc/aliases
/etc/hosts
/etc/ethers :- MAC to hostname mapping
/etc/netgroup :- collection of users, hosts and networks.
/etc/protocols :- Name to protocol number mapping
/etc/rpc :- ID nujber for RPC services
/etc/services :- Port number list of well known services.


3. What is NIS+ ?
Replacement for NIS with enhancements like encryption and authentication over RPC.
It is entirely a seperate implementation than NIS.

4. Use of rpc.yppassswdd 
rpc.yppasswdd runs on master NIS server and allows NIS clients to 
change their password from client itself. If this daemon is not running, 
clients need to change the password on NIS master to update the new password on NIS map.

Leave a Reply

avatar
  Subscribe  
Notify of