企业里面一般都会有好多服务器,如果一个员工要登录多台服务器,则需要在多台服务器中给用户添加用户名密码,如果服务器量大,员工数目也多,则很难以控制添加也麻烦。NIS就是用于用户机制哦能管理。 1 需求
企业里面一般都会有好多服务器,如果一个员工要登录多台服务器,则需要在多台服务器中给用户添加用户名密码,如果服务器量大,员工数目也多,则很难以控制添加也麻烦。NIS就是用于用户机制哦能管理。
1 需求
用于多用户集中管理
2 版本
系统版本 Centos 6.8
内核版本2.6.32-642.el6.x86_64
NIS 服务端安装软件 ypserv.x86_64
NIS 客户端安装软件 yp-tools.x86_64 ypbind.x86_64
3 实施
3.1 服务端
3.1.1 安装 ypserv.x86_64
yum install ypserv.x86_64
3.1.2 配置系统文件
/etc/ypserv.conf 在这个文件里面配置显示客户访问的权限添加上一下代码:
50 127.0.0.1/255.0.0.0 :* :* :none 51 192.168.125.0/255.255.255.0 :* :* :none 52 * :* :* :deny 
3.1.3 添加用户
3.1.4 初始化
/usr/lib64/yp/ypinit -m 就是生成本地系统的passwd group等等文件的映射文件
root@wzlvm ~]# /usr/lib64/yp/ypinit -mAt this point, we have to construct a list of the hosts which will run NISservers. wzlvm is in the list of NIS server hosts. Please continue to addthe names for the other hosts, one per line. When you are done with thelist, type a <control D>. next host to add: wzlvm next host to add: The current list of NIS servers looks like this:wzlvmIs this correct? [y/n: y]3.1.5 添加本地解析
在/etc/hosts 里面添加域名解析
[root@wzlvm ~]# cat /etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4::1 localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.125.134 nis192.168.125.129 nis-client3.1.6 添加nisdomain
在文件/etc/sysconfig/network 里面添加
/bin/nisdomainname wzlnis 立即生效
3.2 客户机
3.2.1 安装软件
客户机安装软件包 ypbind 和 yp-tools
3.2.2 添加客户机nisdomain
/etc/sysconfig/network 中添加:
NISDOMAIN=wzlnis
[root@myvm2 ~]# /bin/nisdomainname wzlnis 立即生效
3.2.3 添加客户机本地解析
192.168.125.134 nis
192.168.125.129 nis-client
3.2.4 配置客户机配置文件 /etc/yp.conf
/etc/yp.conf
domain wzlnis server nis
/etc/nsswitch.conf
passwd file nis
group file nis
hosts file nis dns
3.2.5 重启客户机
service rpcbind restart
service ypbind restart
[root@myvm2 ~]# service rpcbind restartStopping rpcbind: [ OK ]Starting rpcbind: [ OK ][root@myvm2 ~]# service ypbind restartShutting down NIS service: [FAILED]Setting NIS domain: domain is 'wzlnis' [ OK ]Starting NIS service: [ OK ]Binding NIS service: . [ OK ]3.2.6 验证
ypwhich
ypwhich -x
ypcat passwd
ypcat hosts
yptest
ssh test1@nis-client
[root@myvm2 ~]# ypwhichnis[root@myvm2 ~]# ypwhich -xUse "ethers" for map "ethers.byname"Use "aliases" for map "mail.aliases"Use "services" for map "services.byname"Use "protocols" for map "protocols.bynumber"Use "hosts" for map "hosts.byname"Use "networks" for map "networks.byaddr"Use "group" for map "group.byname"Use "passwd" for map "passwd.byname"[root@myvm2 ~]# ypcat passwduser3:$6$HDHeZE34$QTpM5EfAgd2Ksq0CtfRd9xjfxN.wMC2pgi..mV9FKLqsAFRFUzZWPPrGxBclRsvaOP8V7aTM/cw2BOjPO6eQ/1:502:501::/home/user3:/bin/basht2:$6$LnwFfPjX$TF5UekSOh6zeHdN1zOuSavRvI8DCSqccKk60Cz.RqIbTBL.KH584a562jyERGxSuTYuzNDALgXDFoSe7ncW5u.:506:506::/home/t2:/bin/basht1:$6$MjQnBk.t$/IkzEkjruz94a00KcoVwo/hyNFOXL4txP9LzJk2n66pXZ8fWS/fNRUrLAk8xQSOgTaTJITDd2WMpLo8h82GXA1:505:505::/home/t1:/bin/bashuser1:$6$9NX6wZdm$pTVQ0hw3kJQ/P2eU6VOwthLygHOIqIeLaWzO.D28IbUZebtW3SHTUKOPqykPyQmAwk1V0gyyG2D.eYhHRBFwh0:500:501::/home/user1:/bin/bashtest1:!!:504:504::/home/test1:/sbin/nologinuser4:$6$a4Upk6Gu$tsy4TeOAlzhR2XlBsHZrjEANqdHcT/FdIfDYeYu2vZEGO6pEBbIa40ktLPH4oAfp0yCiSgzV0D45I7BPBcDYZ/:503:501::/home/user4:/bin/bashuser2:$6$/n6SWiTF$/tHJ735..jlITzYGyBJwiRPnR1RdT5Fi6lhCDQ.kMY1LA3zzQU/Wj/rmxFCGe7sjS7ERJbh33BbUeMiMZgJpV0:501:502::/home/user2:/sbin/nologer[root@myvm2 ~]# ssh t1@nis-client The authenticity of host 'nis-client (192.168.125.129)' can't be established.RSA key fingerprint is 1c:29:89:72:21:fd:dc:f1:f2:81:2f:5c:f1:e6:8b:2d.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'nis-client,192.168.125.129' (RSA) to the list of known hosts.t1@nis-client's password: Could not chdir to home directory /home/t1: No such file or directory-bash-4.1$ lsbin boot data dev etc home lib lib64 lost+found media mnt opt proc root sbin selinux srv sys tmp usr var客户机登录成功.
