RHEL5部署NIS服务器
当生产环境中的Linux服务器主机越来越多的时候,方管理每台服务器中的账号是一件比较麻烦的工作,
主要是每一个用户分别在每一台服务器上都要建立相应账号,如果涉及组的管理,那情况可能更麻烦。
NIS(网络信息系统)在一定程度上为我们解决这个问题。在一台服务器上集中管理所有Linux的账号。
这样,我们增加一个用户的时候,不需要在每一台Linux上去增加用户了。
服务端:192.168.200.102
客户端:192.168.200.103
服务端:192.168.200.102
[root@crushlinux2~]#serviceiptablesstop
[root@crushlinux2~]#setenforce0
[root@crushlinux2~]#yum-yinstallypserv
[root@crushlinux2~]#nisdomainnameredhat建立redhat域
[root@crushlinux2~]#echo"NISDOMAIN=redhat">>/etc/sysconfig/network
[root@crushlinux2~]#vi/etc/ypserv.conf
127.0.0.0/255.0.0.0:*:*:none
192.168.200.0/255.255.255.0:*:*:none
*:*:*:deny
第一行:允许回环地址访问
第二行:允许客户机网段访问NIS服务器
第三行:禁止其他网段访问NIS服务器
配置NIS客户机的访问控制:
主机记录以host开头后面跟上IP地址,可以设置让本机访问,如果需要增加其他的服务器访问,
可以继续增加:host192.168.200.100,如果是一个网段注意:子网掩码在前,网段地址在后
[root@crushlinux2~]#vim/var/yp/securenets
host127.0.0.1
255.255.255.0192.168.200.0
[root@crushlinux2~]#useraddcrushlinux建立帐号
[root@crushlinux2~]#passwdcrushlinux
[root@crushlinux2~]#serviceportmaprestart
[root@crushlinux2~]#serviceypservrestart
[root@crushlinux2~]#chkconfigportmapon
[root@crushlinux2~]#chkconfigypservon
构建NIS数据库
[root@crushlinux2~]#/usr/lib/yp/ypinit-m
-------------------------------------------------------------------------------------
Atthispoint,wehavetoconstructalistofthehostswhichwillrunNIS
servers.crushlinux2.comisinthelistofNISserverhosts.Pleasecontinuetoadd
thenamesfortheotherhosts,oneperline.Whenyouaredonewiththe
list,typea<controlD>.
nexthosttoadd:crushlinux2.com
nexthosttoadd:<===按CTRL+D
ThecurrentlistofNISserverslookslikethis:
crushlinux2.com
Isthiscorrect?[y/n:y]y<===输入y
Weneedafewminutestobuildthedatabases...
Building/var/yp/redhat/ypservers...
Running/var/yp/Makefile...
gmake[1]:Enteringdirectory`/var/yp/redhat'
Updatingpasswd.byname...
Updatingpasswd.byuid...
Updatinggroup.byname...
Updatinggroup.bygid...
Updatinghosts.byname...
Updatinghosts.byaddr...
Updatingrpc.byname...
Updatingrpc.bynumber...
Updatingservices.byname...
Updatingservices.byservicename...
Updatingnetid.byname...
Updatingprotocols.bynumber...
Updatingprotocols.byname...
Updatingmail.aliases...
gmake[1]:Leavingdirectory`/var/yp/redhat'
crushlinux2.comhasbeensetupasaNISmasterserver.
Nowyoucanrunypinit-scrushlinux2.comonallslaveserver.
-------------------------------------------------------------------------------------
[root@crushlinux2~]#serviceportmaprestart
[root@crushlinux2~]#serviceypservrestart
[root@crushlinux2~]#nisdomainname
redhat
[root@crushlinux2~]#vim/etc/exports
/home*(ro)
[root@crushlinux2~]#servicenfsrestart
[root@crushlinux2~]#chkconfignfson
客户端:192.168.200.103
[root@crushlinux3~]#serviceiptablesstop
[root@crushlinux3~]#setenforce0
[root@crushlinux3~]#setup
验证配置--->选中NIS(用空格选择)下一步--->输入“redhat”和“192.168.200.102”
[root@crushlinux3~]#setup
停止portmap:[确定]
启动portmap:[确定]
关联到NIS域:[确定]
监听NIS域服务器。
[root@crushlinux3~]#nisdomainname
redhat
[root@crushlinux3~]#mount-tnfs192.168.200.102:/home//home
[root@crushlinux3~]#su-crushlinux
[crushlinux@crushlinux3~]$whoami
crushlinux
[root@crushlinux3~]$vi/etc/fstab
192.168.0.10:/home/homenfsdefaults00
[root@crushlinux3~]#umount/home
[root@crushlinux3~]#mount-a
[root@crushlinux3~]#chkconfig--listypbind
ypbind0:关闭1:关闭2:关闭3:启用4:启用5:启用6:关闭
转载于:https://blog.51cto.com/lytlinux/1308886