Friday, October 2, 2009

Add a secondary NIS server (linux)

It's recommended to add a secondary NIS server to your Linux network: if the only server breaks down, users with a NIS account (all of them in most cases) won't be able to log on to the Linux clients anymore. Only root, which is a local account, will still be able to log in.

The master NIS server nisserv1.mydomain.intra runs the NIS service ypserv (/etc/init.d/ypserv)

  1. Install ypserv on the secondary server nisserv2.mydomain.intra, and make it start when booting.

  2. On the master NIS server nisserv1, add nisserv2 to the NIS servers list /var/yp/ypservers :
    nisserv1.mydomain.intra
    nisserv2.mydomain.intra

  3. Then build the NIS maps :
    > cd /var/yp
    > make all

  4. At this point, we have to construct a list of the hosts which will run NIS servers :
    > /usr/lib64/yp/ypinit -m
    nisserv1.mydomain.intra is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type CTRL+D :
    next host to add: nisserv1.mydomain.intra
    next host to add: nisserv2.mydomain.intra

    next host to add:
    The current list of NIS servers looks like this:

    nisserv1.mydomain.intra
    nisserv2.mydomain.intra
    Is this correct? [y/n: y] y

    We need a few minutes to build the databases...

    Building /var/yp/mydomain.intra/ypservers...
    Running /var/yp/Makefile...
    gmake[1]: Entering directory `/var/yp/mydomain.intra'

    Updating passwd.byname...
    Updating passwd.byuid...
    Updating group.byname...
    Updating group.bygid...

    Updating hosts.byname...
    Updating hosts.byaddr...
    Updating rpc.byname...
    Updating rpc.bynumber...
    Updating services.byname...
    Updating services.byservicename...
    Updating netid.byname...
    Updating protocols.bynumber...

    Updating protocols.byname...

    Updating mail.aliases...
    Updating auto.netShare...
    gmake[1]: Leaving directory `/var/yp/mydomain.intra'

    nisserv1.mydomain.intra has been set up as a NIS master server.
    Now you can run ypinit -s nisserv1.mydomain.intra on all slave server.

  5. Then check all maps are updated :
    > ypcat passwd
    > ypcat group
    > ...
    This displays the accounts, groups, etc. that are available through the NIS service. You can check that the information is the same as on the master NIS server (/etc/passwd, /etc/group...).

  6. Now on the secondary server nisserv2, edit /etc/yp.conf and set nisserv2 as the NIS server to use.
    domain mydomain.intra server nisserv2.mydomain.intra

  7. Update NIS files from the master NIS server
    > /usr/lib64/yp/ypinit -s nisserv1.mydomain.intra

  8. On clients :
    Edit /etc/yp.conf and set it to broadcast, so that the client can find another NIS server if the current one goes down :
    domain mydomain.intra broadcast

  9. Update the NIS server to use :
    > /etc/init.d/ypbind restart

  10. Check the NIS server you use (it can still be nisserv1) :
    > ypwhich
    nisserv2.mydomain.intra

Client machines will use one of the two servers. If the one they use fails, restart ypbind and they will find an available one by broadcast.
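
The consistency check from step 5, applied to the slave after its first transfer in step 7, as an added example that is not part of the original post: it compares the passwd or group map served by each server and reports entries the slave is missing or still serves in an outdated form. It assumes yp-tools' ypcat with its -h host option; the function names and the sample entries are constructed for illustration.

```sh
# Added example (not from the original post). Assumes yp-tools' ypcat with
# its -h <host> option; the entries in sample_report are constructed.
MASTER=${MASTER:-nisserv1.mydomain.intra}
SLAVE=${SLAVE:-nisserv2.mydomain.intra}

# diff_dumps MASTER_FILE SLAVE_FILE: 0 if identical, else 1 plus a report.
# ypcat output is unordered, so lines are sorted first. Only entry names
# (field 1) are printed, because NIS passwd entries can carry hashes.
diff_dumps() {
    tmp=$(mktemp -d) || return 2
    LC_ALL=C sort -u "$1" > "$tmp/m"
    LC_ALL=C sort -u "$2" > "$tmp/s"
    # Names whose full line exists on one side only.
    LC_ALL=C comm -23 "$tmp/m" "$tmp/s" | cut -d: -f1 | LC_ALL=C sort -u > "$tmp/mo"
    LC_ALL=C comm -13 "$tmp/m" "$tmp/s" | cut -d: -f1 | LC_ALL=C sort -u > "$tmp/so"
    report=$(
        LC_ALL=C comm -12 "$tmp/mo" "$tmp/so" | sed 's/^/differs: /'
        LC_ALL=C comm -23 "$tmp/mo" "$tmp/so" | sed 's/^/missing on slave: /'
        LC_ALL=C comm -13 "$tmp/mo" "$tmp/so" | sed 's/^/only on slave: /'
    )
    rm -rf "$tmp"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# check_map MAP: dump MAP from both servers and compare them.
check_map() {
    d=$(mktemp -d) || return 2
    { ypcat -h "$MASTER" "$1" > "$d/m" && ypcat -h "$SLAVE" "$1" > "$d/s" \
        && diff_dumps "$d/m" "$d/s"; } && rc=0 || rc=$?
    rm -rf "$d"
    return "$rc"
}

# Constructed sample: since the slave's last transfer, bob was locked and
# carol added on the master, and dave was deleted there.
sample_report() {
    sd=$(mktemp -d) || return 2
    printf '%s\n' 'alice:x:1001:100::/home/alice:/bin/bash' \
        'bob:x:1002:100::/home/bob:/sbin/nologin' 'carol:x:1003:100::/home/carol:/bin/bash' > "$sd/m"
    printf '%s\n' 'bob:x:1002:100::/home/bob:/bin/bash' \
        'dave:x:1004:100::/home/dave:/bin/bash' 'alice:x:1001:100::/home/alice:/bin/bash' > "$sd/s"
    diff_dumps "$sd/m" "$sd/s" && src=0 || src=$?
    rm -rf "$sd"
    return "$src"
}
sample_report || true
```

On a host with yp-tools installed, `check_map passwd` and `check_map group` run the same comparison against the live servers.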
