I. NIS service
1. Server
1.1 Install the software: yum install ypserv
1.2 Configure client access permissions: in /etc/ypserv.conf
add:
127.0.0.1/255.0.0.0 :* :* :none
192.168.1.0/255.255.255.0 :* :* :none
192.168.119.0/255.255.255.0 :* :* :none
* :* :* :deny
1.3 Add users:
useradd test1
passwd test1
useradd test2
passwd test2
1.4 Initialize
/usr/lib64/yp/ypinit -m generates the NIS map files from the local system's passwd, group and similar files
[root@myvm1 ~]# /usr/lib64/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS
servers. myvm1 is in the list of NIS server hosts. Please continue to add
the names for the other hosts, one per line. When you are done with the
list, type a <control D>.
next host to add: myvm1
next host to add: test
next host to add:
The current list of NIS servers looks like this:
myvm1
test
Is this correct? [y/n: y] y
We need a few minutes to build the databases...
Building /var/yp/(none)/ypservers...
gethostbyname(): Resource temporarily unavailable
Running /var/yp/Makefile...
Domain name cannot be (none)
myvm1 has been set up as a NIS master server.
Now you can run ypinit -s myvm1 on all slave server.
1.5 Add local name resolution
/etc/hosts
192.168.119.128 nis
192.168.119.129 nis-client
1.6 Add the NIS domain
/etc/sysconfig/network
NISDOMAIN=test
1.7 Apply immediately
/bin/nisdomainname test
1.8 If new users are added
run make in the /var/yp/ directory to update the maps
1.9 Restart:
/etc/init.d/ypserv restart
/etc/init.d/yppasswdd restart
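The rules placed in /etc/ypserv.conf in step 1.2 have the form host:domain:map:security, where `none` always answers, `port` answers only requests from a privileged source port, and `deny` refuses. The following is an added example, not part of the original notes: it evaluates those four rules for a given client, assuming the first matching rule decides, and lists the networks that can read every map with no port check. The function names and the 10.0.0.5 address are made up for illustration.

```python
import ipaddress

# Rules copied from the /etc/ypserv.conf shown in step 1.2 (host:domain:map:security).
RULES_TEXT = """\
127.0.0.1/255.0.0.0 :* :* :none
192.168.1.0/255.255.255.0 :* :* :none
192.168.119.0/255.255.255.0 :* :* :none
* :* :* :deny
"""

def parse_rules(text):
    """Return a list of (network_or_None, domain, map, security) tuples."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.count(":") == 1:  # blank, comment, or "key: value" option
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) != 4:
            raise ValueError(f"line {lineno}: expected 4 fields, got {len(fields)}")
        host, domain, mapname, security = fields
        if security not in ("none", "port", "deny"):
            raise ValueError(f"line {lineno}: unknown security {security!r}")
        # strict=False accepts entries with host bits set, e.g. 127.0.0.1/255.0.0.0
        net = None if host == "*" else ipaddress.ip_network(host, strict=False)
        rules.append((net, domain, mapname, security))
    return rules

def decide(rules, client_ip, domain, mapname):
    """Security value of the first matching rule (assumed order), else None."""
    ip = ipaddress.ip_address(client_ip)
    for net, r_domain, r_map, security in rules:
        if net is not None and ip not in net:
            continue
        if r_domain not in ("*", domain) or r_map not in ("*", mapname):
            continue
        return security
    return None

def open_grants(rules):
    """Networks allowed to read every map in every domain with no port check."""
    return [str(net) for net, d, m, s in rules
            if s == "none" and d == "*" and m == "*" and net is not None]

if __name__ == "__main__":
    rules = parse_rules(RULES_TEXT)
    # First two addresses appear in these notes; 10.0.0.5 is a constructed outsider.
    for ip in ("192.168.119.129", "192.168.4.177", "10.0.0.5"):
        print(ip, "->", decide(rules, ip, "test", "passwd.byname"))
    print("unrestricted:", open_grants(rules))
```

With these rules every host on the three listed networks can dump passwd.byname from an unprivileged port, so the subnets should be kept as narrow as the client population allows.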
2. Client:
2.1 Install
yum install ypbind yp-tools
2.2 Add the NIS domain
/etc/sysconfig/network
NISDOMAIN=mynis
2.3 Apply immediately
/bin/nisdomainname test
2.4 Add local name resolution
/etc/hosts
192.168.119.128 nis
192.168.119.129 nis-client
2.5 Configure
/etc/yp.conf
domain mynis server nis
/etc/nsswitch.conf
passwd: files nis
group: files nis
hosts: files nis dns
2.6 Restart:
/etc/init.d/rpcbind restart
/etc/init.d/ypbind restart
3. Verify (on the client):
ypwhich
ypwhich -x
ypcat passwd
ypcat hosts
yptest
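ssh test1@nis-client (can be verified from both the master and the slave server)
II. LDAP service
Test environment architecture diagram
Basic system environment preparation
System version on all hosts: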
CentOS release 6.4 (Final)
Kernel /r on an /m
Kernel version:
2.6.32-358.el6.i686
Server-side configuration preparation:
[root@openvpn ~]# vi /etc/sysconfig/network
HOSTNAME=openvpn
[root@openvpn ~]# hostname
openvpn
[root@openvpn ~]# vi /etc/hosts
192.168.4.178 openvpn openvpn.test.com
192.168.4.177 openvpn-client openvpn-client.test.com
[root@openvpn ~]# iptables -F
[root@openvpn ~]# iptables -X
[root@openvpn ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@openvpn ~]# ping openvpn-client
PING openvpn-client (192.168.4.177) 56(84) bytes of data.
64 bytes from openvpn-client (192.168.4.177): icmp_seq=1 ttl=64 time=0.362 ms
64 bytes from openvpn-client (192.168.4.177): icmp_seq=2 ttl=64 time=0.349 ms
64 bytes from openvpn-client (192.168.4.177): icmp_seq=3 ttl=64 time=0.286 ms
64 bytes from openvpn-client (192.168.4.177): icmp_seq=4 ttl=64 time=0.357 ms
^C
--- openvpn-client ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3476ms
rtt min/avg/max/mdev = 0.286/0.338/0.362/0.035 ms
yum environment preparation
[root@openvpn ~]# mount /dev/cdrom /mnt
[root@openvpn ~]# vi /etc/yum.repos.d/CentOS-Media.repo
[centos6-media]
For personal reasons this write-up was not finished; see the document "Centos6/rhel6环境-LDAP用户集中统一认证测试.docx", which is very detailed.