Сервис NIS

• NIS Domain

• Создание тестового набора учетных записей

• SettingUpNISHowTo
• Debian 10 Buster Configure NIS Server
• Debian 10 Buster NIS server does not answer NIS client requests by default
• В течении 5 минут ищет, пока, несуществующий NIS сервер

root@server:~# apt install nis

...
Nis domain: corpX.un
...

root@server:~# cat /etc/defaultdomain

corpX.un

debian10_ubuntu20# cat /etc/default/nis

...
NISSERVER=master
...
NISCLIENT=false
...

debian10/11/12_ubuntu20# cat /etc/default/rpcbind

OPTIONS="-w -r"

debian10_ubuntu20# init 6

debian11/12# systemctl enable ypserv

debian11/12# systemctl start ypserv

root@server:~# /usr/lib/yp/ypinit -m

...
        next host to add:  server.corpX.un
        next host to add:  ^D
...

debian10# service nis restart

[server:~] # cat /etc/rc.conf

...
rpcbind_enable="YES"
nisdomainname="corpX.un"
nis_server_enable="YES"
nis_yppasswdd_enable="YES"

[server:~] # /etc/rc.d/rpcbind start

[server:~] # /etc/rc.d/nisdomain start
Setting NIS domain: corpX.un.

[server:~] # mkdir /var/yp/corpX.un

[server:~] # service ypserv start

[server:~] # awk -F: '($3>=1000) && ($3<65533)' /etc/master.passwd > /var/yp/master.passwd

[server:~] # cd /var/yp

[server:/var/yp] # ypinit -m corpX.un

Server Type: MASTER Domain: corpX.un
...
Do you want this procedure to quit on non-fatal errors? [y/n: n]
...
Can we destroy the existing /var/yp/corpX.un and its contents? [y/n: n]  y
...
        master server   :  server.corpX.un
        next host to add:  ^D
...
Is this correct?  [y/n: y]
...

[server:/var/yp] # cd

[server:~] # service yppasswdd start

http://www.server-world.info/en/note?os=CentOS_5&p=nis

Устанавливаем NIS server из пакета SFU

Опции инсталяции:

Custom:
        Server for NIS

Start->Administrative Tools->Server Manager->Roles->Active Directory Domain Services->Add Role Services->Identity Management for Unix

• Clarification regarding the status of Identity Management for Unix (IDMU) & NIS Server Role in Windows Server 2016 Technical Preview and beyond
• FAQ: The removal of Identity Management for Unix (IDMU) in Active Directory and how it affects the authentication of RHEL clients

• Active Directory Users and Computers→View→Advanced Features … Attribute Editor

• Пример назначения UNIX атрибутов в Microsoft AD

Аналогично, для user2 !!!

guser1

gidNumber: 10001

user1

gidNumber: 10001
loginShell: /bin/bash
uidNumber: 10001
unixHomeDirectory: /home/user1

group1

gidNumber: 15001
memberUid: user2
memberUid: user1

# apt install nis

...
NIS domain: corpX.un
...

# cat /etc/defaultdomain

corpX.un

debian11/12# cat /etc/yp.conf

...
domain corpX.un server 192.168.X.10

debian11/12# systemctl enable ypbind

debian11/12# systemctl start ypbind

root@client1:~# ypcat passwd

• Использование библиотеки NSSWITCH

client1:~# cat /etc/nsswitch.conf

...
passwd:         compat
group:          compat
shadow:         compat
...

root@client1:~# cat /etc/passwd

...
+

root@client1:~# cat /etc/shadow

...
+

root@client1:~# cat /etc/group

...
+

debian11# service nscd restart && service nscd reload

[client1:~] # cat /etc/rc.conf

rpcbind_enable="YES"
nisdomainname="corpX.un"
nis_client_enable="YES"

[client1:~] # /etc/rc.d/rpcbind start

[client1:~] # /etc/rc.d/nisdomain start
Setting NIS domain: corpX.un.

[client1:~] # /etc/rc.d/ypbind start

[client1:~] # ypcat passwd

[client1:~] # vipw

[client1:~] # cat /etc/master.passwd

...
+:::::::::

[client1:~] # cat /etc/group

...
+:::

# id user1

# id user2

# getent passwd