Changes

Jump to: navigation, search

OPS335 NIS Lab

4,437 bytes added, 21:38, 30 August 2011
Created page with 'FOCUS: NIS (Network Information Services) server for password authentication. In this lab you will set up your Fedora PC as both an NFS and NIS server. You will then install one…'
FOCUS: NIS (Network Information Services) server for password authentication.

In this lab you will set up your Fedora PC as both an NFS and NIS server. You will then install one VM guest that will serve as your NFS and NIS client.

PART A: Setting up your NFS Server

Power up your Fedora host PC (f13), login as joker and make sure it is connected to the Internet.
Ensure your host is updated with "yum update".
Ensure your host has the default desktop firewall setup. Verify with "iptables-save" command.
Ensure NFS is installed with "yum install nfs-utils".
Edit your /etc/exports file and insert this line

/home 192.168.122.*(rw,root_squash)

Modify your firewall to allow NFS connections. NFS uses port 2049.
Start your NFS server with the command

service nfs start

Now move on to PART B.
PART B: Setting up your NIS Server
Install the NIS server and client onto your f13 host PC
yum install ypserv ypbind

Add the following line to the bottom of the file /etc/sysconfig/network

NISDOMAIN="foo.bar"
YPSERV_ARGS="-p 783"

Edit the file /etc/yp.conf and set up your domain:
domain foo.bar server 127.0.0.1

Edit the file /etc/nsswitch.conf and add "nis" to three lines:
passwd: files nis
shadow: files nis
group: files nis

Create the file /var/yp/securenets:
host 127.0.0.1
255.255.255.0 192.168.122.0

Enable and start the NIS password (yppasswdd) service.
Enable and start the NIS (ypserv) service.
Enable and start the NIS map transfer (ypxfrd) service.
Verify that your servers are running correctly with the following command:

rpcinfo -p

Now change to directory /var/yp and run this command

make

Enable and start the NIS binding (ypbind) service.
Use the following command to verify your NIS server is working - you should see joker's password record.
ypcat passwd

Add a new user named clown, with password "seneca99".
Repeat step 12. If you don't see both joker's and clown's password records then cd to /var/yp and run the "make" command again.
Now modify your firewall so that the guest VM (client vm01) will be able to access your NIS server. You'll have to open port 111 as well as port 783 (see step 2 above).
PART C: Setting up your VM to be an NFS client
Login to your VM guest (vm01) and enable and start your ssh server with these commands

chkconfig --levels 2345 sshd on
service sshd start

Use iptables to allow ssh connections to your VM guest machine.
If you still have autofs installed (from last week) then uninstall it (yum remove autofs).
Reboot your VM guest machine, login and use ifconfig to determine its IP address.
Log out of your VM guest.
From your Fedora host, ssh (as root) into your VM guest.
Edit your guest's /etc/fstab file and insert this line

192.168.122.1:/home /home nfs defaults 0 0

Use the "mount -a" command to mount the /home directory.
Check that /home is mounted by running and recording the output of the "df -Th" command.
Install ypbind.
Logout of your VM guest.
PART D: Setting up your VM to be an NIS client
Open your VM guest graphical login window and login as joker.
Verify that joker is using the /home directory imported from your Fedora host.
Now modify your authentication to include NIS. You can do this by selecting System->Administration->Authentication from the GNOME menu. You'll have to set the following:
NIS server address (192.168.122.1)
NIS domain name (foo.bar)

Now start the ypbind server with the command "service ypbind start".
Test your configuration with the "ypcat passwd" command. You should see both joker's and clown's password records. NOTE: Clown's record is coming from your Fedora host because there is no clown user on your VM guest.
Logout of joker and login as clown on your VM. NOTE: You may have to login as "other" if clown's name does not show up on the login screen.
PART E: (Questions):Answer the following questions.
What is your full name and 9-digit Seneca student ID?
What is the function of the /etc/nsswitch.conf file?
What is the purpose of the "-p" option to the rpcinfo command?
Explain, in your own words, what the "make" command did in PART B step 10.
Explain the syntax/meaning of the two records in the /var/yp/securenets file.
What was the output of the "ypcat passwd" command from PART D, step 5?
Explain, in your own words, the function of the portmapper service as seen in the "rpcinfo -p" command. Hint: Use Wikipedia.
What did your final firewall on the host look like. Use iptables-save.
1
edit

Navigation menu