nisdomainname question 1


rouse01

I'm trying to set up Linux workstations to authenticate to a Linux server using NIS. I set up the server nisdomainname = nis_home & ran ypinit -m with all OK. Started ypserv & yppasswdd OK also.
Set the client /etc/yp.conf:
domain nis_home server 192.168.1.10
also tried:
ypserver nis_home
When I run /etc/rc.d/init.d/ypbind restart I get:
Binding to the NIS domain [OK]
Listening for an NIS domain server.....[FAILED]
Is my nisdomainname not valid? (I can ping nis_home from the client OK.)
Driving me crazy! Any help is appreciated.
Keith

 
Still working on this...
I disabled ipchains on the nis server and now -

Listening for an NIS domain server

does not return [FAILED], but it does not return an [OK] either. Is that right?
Anyway, I set up a user (joe) on the server, and tried logging in on the client, but get a Login incorrect. So anybody have an idea? Also, what ports do I need to open in my firewall to allow network access to this nis server 192.168.1.10?
Thanks,
Keith
 
Hi

In my /etc/yp.conf on the client side I've only got the hostname for the server, which gets resolved to an IP in the /etc/hosts file, and the same on the server side.

When you run the command "domainname" on the server and the client, do you get the same reply? You have to set the client and the server to the same NIS domain. By entering "domainname nis_home" on the client, you should get the client on the same NIS domain as your server. You can activate the NIS domain name at bootup by adding the following line to /etc/sysconfig/network (on a Red Hat 7.3 system).

in /etc/sysconfig/network add this line on server and client

NISDOMAIN="nis_home"

Now your client should connect to the NIS server when you start ypbind.

Also, after adding a new user on the NIS server, you have to go to /var/yp and run the "make" to update the NIS info with the new user.
 
Please bear with me.

Client is rh8.0 (iptables stopped)
Client's /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=workstation
NISDOMAIN=nis_home

Client's /etc/yp.conf
ypserver 192.168.1.10
domain nis_home server 192.168.1.10

Executed on Client:
/etc/rc.d/init.d/ypbind restart
Shutting down NIS services: [ OK ]
Binding to the NIS domain: [ OK ]
Listening for an NIS domain server.

Server is rh7.3 (ipchains stopped)
Server's /etc/hosts.allow
portmap : 192.168.1.0/255.255.255.0 : allow
portmap : ALL : deny

Server's /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=linux.home.kcs
NISDOMAIN=nis_home

Server's /var/ypservers
linux.home.kcs
nis_home

Server's /etc/yp.conf - ypbind configuration file
# Valid entries are
#domain NISDOMAIN server HOSTNAME
# Use server HOSTNAME for the domain NISDOMAIN.
#domain NISDOMAIN broadcast
# Use broadcast on the local net for domain NISDOMAIN
#ypserver HOSTNAME
# Use server HOSTNAME for the local domain. The
# IP-address of server must be listed in /etc/hosts.
domain nis_home server 192.168.1.10


OK, I can login as joe at the server.
After running make & restarting services on server & client, I try to log in at the client...
login as: joe
Sent username "joe"
joe@192.168.1.20's password:
Access denied

Not running ipchains or iptables on either box. I do run smb on the server (not sure this matters).
Thanks if you can help.
Keith
 
Hi

In your server's /var/yp/ypservers I notice you have nis_home; unless this is a hostname for a server, you need to remove it. ypservers to my knowledge should only contain the server details, and not your NIS domainname. And can you ping "linux.home.kcs"? If not, change the entry from linux.home.kcs to the physical IP of the server, e.g. 192.168.1.10

Just to make sure that both client and server are on the same NIS domain, run "domainname" on both; if it's not "nis_home" on both machines, that could be your problem.

The output you receive when restarting the ypbind service on the client is fine; that is how it should look.

Also try changing your /etc/hosts.allow to look something like this:

#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
portmap : 192.168.1. .linux.home.kcs

My /etc/yp.conf for my server and client is exactly the same, so maybe try changing yours to look like this on both:

# /etc/yp.conf - ypbind configuration file
# Valid entries are
#
#domain NISDOMAIN server HOSTNAME
# Use server HOSTNAME for the domain NISDOMAIN.
#
#domain NISDOMAIN broadcast
# Use broadcast on the local net for domain NISDOMAIN
#
#ypserver HOSTNAME
# Use server HOSTNAME for the local domain. The
# IP-address of server must be listed in /etc/hosts.
#
192.168.1.10

If everything is working as it should be, all you need to do to get the linux user updated to the NIS database is to go to /var/yp on the server and run "make". There is no need to stop and restart the services on either the client or the server side if everything is running ok.
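The mismatches discussed in this thread (a NIS domain name listed in ypservers, or a yp.conf domain that differs from NISDOMAIN) can be checked mechanically. The script below is an added example, not part of the original post; the function names and the temporary fixture directory are assumptions, and the fixture is built from the server files quoted earlier in the thread.

```shell
#!/bin/sh
# Added example: lint copies of the NIS files for the mismatches in this thread.
# check_nis ROOT expects ROOT/etc/sysconfig/network, ROOT/etc/yp.conf and,
# on a server, ROOT/var/yp/ypservers. Prints one line per finding.
check_nis() {
    root=$1
    # NISDOMAIN from sysconfig/network, with optional quotes stripped
    dom=$(sed -n 's/^NISDOMAIN=//p' "$root/etc/sysconfig/network" | tr -d '"' | tail -n 1)
    [ -n "$dom" ] || echo "network: NISDOMAIN is not set"
    # every active "domain X server Y" line must name the same domain
    awk -v d="$dom" '$1 == "domain" && $2 != d {
        print "yp.conf: domain " $2 " does not match NISDOMAIN " d
    }' "$root/etc/yp.conf"
    # ypservers lists server hosts; the NIS domain name does not belong there
    if [ -f "$root/var/yp/ypservers" ]; then
        awk -v d="$dom" 'd != "" && $1 == d {
            print "ypservers: entry " $1 " is the NIS domain name, not a server host"
        }' "$root/var/yp/ypservers"
    fi
}

# Fixture rebuilt from the server files quoted in the thread (hypothetical helper).
make_thread_fixture() {
    dir=$(mktemp -d)
    mkdir -p "$dir/etc/sysconfig" "$dir/var/yp"
    printf 'NETWORKING=yes\nHOSTNAME=linux.home.kcs\nNISDOMAIN=nis_home\n' \
        > "$dir/etc/sysconfig/network"
    printf '#domain NISDOMAIN server HOSTNAME\ndomain nis_home server 192.168.1.10\n' \
        > "$dir/etc/yp.conf"
    printf 'linux.home.kcs\nnis_home\n' > "$dir/var/yp/ypservers"
    echo "$dir"
}

fixture=$(make_thread_fixture)
check_nis "$fixture"
rm -rf "$fixture"
```

The check covers the files only; the running value reported by "domainname" on each machine still has to be compared by hand.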
 
hvn - you d man!
When you pointed out my /var/yp/ypservers nis_home error, I took another look at my server config (my mangled brain thought this was an appropriate entry - grasping straws). I had disabled ipchains on the server, but discovered I also had iptables running as well.
So I disabled all firewall on server and bang!

I'm on the home stretch. I can still log in to the server from a Windows client as joe with ssh, or at the server console as joe with no problem.
I log in as joe from the Linux client, now get:
No directory /joe/home!
Logging in with home = "/"
followed by a bash prompt, which is cool!
So, two last questions please.
1) Do I still have to manually create the user directories on the workstations after I've set them up on the server?
2) What ports do I need to open in the firewall on the server?
Many thanks for all the help. - Keith
 
Hi

You could create the user's home directories manually, but another way would be to do a NFS export on the /home directory on the server, allowing only the client systems to do a NFS mount of /home. This way you could log in on any client machine with any user and his/her user home directory will be available. Or you could only mount the specific /home directory for each user on his/her system.

As for the ports to open on the firewall, if I'm not mistaken you'll need port 111 open, which is the rpc (remote procedure call) port.

If there are any other ports, you might be able to pick up which by using the netstat -natp command to see which programs are listening on which ports. If I'm not mistaken, ypbind/ypserv can actually use any port between 668-1024. You might have to open up that range of ports for a specific network to connect to them, but I would leave port 1024 closed, since that might open a possible weak point in the firewall.

Hope this helps
Hannes
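Because the NIS daemons register whatever ports they were given with the portmapper, the firewall rules can be derived from "rpcinfo -p" output instead of opening a whole range. The script below is an added example, not part of the original post; the subnet comes from the hosts.allow entry quoted in the thread, the function names are assumptions, and the rpcinfo listing is a constructed sample.

```shell
#!/bin/sh
# Added example: build subnet-scoped iptables rules from portmapper registrations.
LAN="192.168.1.0/24"   # assumption: the client subnet from the thread's hosts.allow

# Constructed sample of `rpcinfo -p` output on an NIS server.
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100004    2   udp    834  ypserv
    100004    1   udp    834  ypserv
    100004    2   tcp    837  ypserv
    100004    1   tcp    837  ypserv
    100009    1   udp    847  yppasswdd
    100007    2   udp    850  ypbind
    100007    2   tcp    853  ypbind
EOF
}

# nis_ports: read rpcinfo text on stdin, print unique "proto port service" lines
# for the RPC programs that clients must reach on the server. Matching is done on
# the program number, so it still works when the name column is missing.
# ypbind (100007) is left out: clients never connect to the server's ypbind.
nis_ports() {
    awk '
        BEGIN { svc[100000] = "portmapper"; svc[100004] = "ypserv"; svc[100009] = "yppasswdd" }
        ($1 in svc) && $4 ~ /^[0-9]+$/ { print $3, $4, svc[$1] }
    ' | sort -u
}

# nis_rules: turn that list into one ACCEPT rule per port, limited to $LAN.
nis_rules() {
    nis_ports | while read -r proto port name; do
        printf 'iptables -A INPUT -s %s -p %s --dport %s -j ACCEPT  # %s\n' \
            "$LAN" "$proto" "$port" "$name"
    done
}

# Prints the rules for the sample; on a real server use: rpcinfo -p | nis_rules
sample_rpcinfo | nis_rules
```

The ports other than 111 are assigned when the daemons start, so the list has to be regenerated after ypserv or yppasswdd is restarted.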
 