Chapter 25. Using NIS

Table of Contents

25.1. Configuring NIS Servers
25.2. Configuring NIS Clients


As soon as multiple UNIX systems in a network want to access common resources, it becomes important that all user and group identities are the same for all machines in that network. The network should be transparent to users: whatever machines they use, they always find themselves in exactly the same environment. This is made possible by means of NIS and NFS services. NFS distributes file systems over a network and is discussed in Chapter 26, Sharing File Systems with NFS.

NIS (Network Information Service) can be described as a database-like service that provides access to the contents of /etc/passwd, /etc/shadow, and /etc/group across networks. NIS can also be used for other purposes (making the contents of files like /etc/hosts or /etc/services available, for example), but this is beyond the scope of this introduction. People often refer to NIS as YP, because it works like the network's “yellow pages.

25.1. Configuring NIS Servers

For the configuration, select NIS Server from the YaST module Network Services. If no NIS server exists so far in your network, activate Install and Set up a Master NIS Server in the next screen. If you already have a NIS server (a master), you can add a NIS slave server (for example, if you want to configure a new subnetwork). First, the configuration of the master server is described.

If some needed packages are missing, insert the CD or DVD requested to install the packages automatically. Enter the domain name at the top of the configuration dialog, which is shown in Figure 25.1, “NIS Server Configuration Tool”. With the check box, define whether the host should also be a NIS client, enabling users to log in and access data from the NIS server.

Figure 25.1. NIS Server Configuration Tool

NIS Server Configuration Tool

To configure additional NIS servers (slave servers) in your network afterwards, activate Active Slave NIS Server Exists now. Select Fast Map Distribution to set fast transfer of the database entries from the master to the slave server.

To allow users in your network (both local users and those managed through the NIS server) to change their passwords on the NIS server (with the command yppasswd), activate the corresponding option. This makes Allow Changes to GECOS Field and Allow Changes to Login Shell available. “GECOS” means that the users can also change their names and address settings with the command ypchfn. “SHELL” allows users to change their default shell with the command ypchsh, for example, to switch from bash to sh.

By clicking Other Global Settings, access a screen, shown in Figure 25.2, “Changing the Directory and Synchronizing Files for a NIS Server”, in which to change the source directory of the NIS server (/etc by default). In addition, passwords and groups can be merged here. The setting should be Yes so the files (/etc/passwd, /etc/shadow, and /etc/group) can be synchronized. Also determine the smallest user and group ID. Press OK to confirm your settings and return to the previous screen. Then click Next.

Figure 25.2. Changing the Directory and Synchronizing Files for a NIS Server

Changing the Directory and Synchronizing Files for a NIS Server

If you previously enabled Active Slave NIS Server Exists, enter the hostnames used as slaves and click Next. If you do not use slave servers, the slave configuration is skipped and you continue directly to the dialog for the database configuration. Here, specify the maps, the partial databases to transfer from the NIS server to the client. The default settings are usually adequate.

Next continues to the last dialog, shown in Figure 25.3, “Setting Request Permissions for a NIS Server”. Specify from which networks requests can be sent to the NIS server. Normally, this is your internal network. In this case, there should be the following two entries:

The first one enables connections from your own host, which is the NIS server. The second one allows all hosts with access to the same network to send requests to the server.

Figure 25.3. Setting Request Permissions for a NIS Server

Setting Request Permissions for a NIS Server
[Important]Automatic Firewall Configuration

If a firewall is active on your system (SuSEfirewall2), YaST adapts its configuration for the NIS server by enabling the portmap service when Open Ports in Firewall is selected.

SUSE LINUX Administration Guide 9.3