Difference between revisions of "OPS335 NIS Lab"
(Created page with 'FOCUS: NIS (Network Information Services) server for password authentication. In this lab you will set up your Fedora PC as both an NFS and NIS server. You will then install one…') |
|||
| Line 1: | Line 1: | ||
| − | + | [[Category:OPS335]][[Category:OPS335 Labs]] | |
| + | ==NIS (Network Information Services)== | ||
| + | NIS server is used for password authentication. In this lab you will set up your Fedora PC as both an NFS and NIS server. You will then install one VM guest that will serve as your NFS and NIS client. | ||
| + | ===PART A: Setting up your NFS Server=== | ||
| + | #Power up your Fedora host PC (f13), login as joker and make sure it is connected to the Internet. | ||
| + | #Ensure your host is updated with "yum update". | ||
| + | #Ensure your host has the default desktop firewall setup. Verify with "iptables-save" command. | ||
| + | #Ensure NFS is installed with "yum install nfs-utils". | ||
| + | #Edit your /etc/exports file and insert this line | ||
| − | + | /home 192.168.122.*(rw,root_squash) | |
| − | PART | + | *Modify your firewall to allow NFS connections. NFS uses port 2049. |
| + | *Start your NFS server with the command | ||
| + | service nfs start | ||
| + | ===PART B: Setting up your NIS Server=== | ||
| + | *Install the NIS server and client onto your f13 host PC | ||
| + | yum install ypserv ypbind | ||
| + | *Add the following line to the bottom of the file /etc/sysconfig/network | ||
| + | NISDOMAIN="foo.bar" | ||
| + | YPSERV_ARGS="-p 783" | ||
| + | *Edit the file /etc/yp.conf and set up your domain: | ||
| + | domain foo.bar server 127.0.0.1 | ||
| + | *Edit the file /etc/nsswitch.conf and add "nis" to three lines: | ||
| + | passwd: files nis | ||
| + | shadow: files nis | ||
| + | group: files nis | ||
| − | + | *Create the file /var/yp/securenets: | |
| − | + | host 127.0.0.1 | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | Create the file /var/yp/securenets: | ||
| − | host 127.0.0.1 | ||
255.255.255.0 192.168.122.0 | 255.255.255.0 192.168.122.0 | ||
| − | Enable and start the NIS password (yppasswdd) service. | + | *Enable and start the NIS password (yppasswdd) service. |
| − | Enable and start the NIS (ypserv) service. | + | *Enable and start the NIS (ypserv) service. |
| − | Enable and start the NIS map transfer (ypxfrd) service. | + | *Enable and start the NIS map transfer (ypxfrd) service. |
| − | Verify that your servers are running correctly with the following command: | + | *Verify that your servers are running correctly with the following command: |
| − | + | rpcinfo -p | |
| − | rpcinfo -p | + | *Now change to directory /var/yp and run this command |
| − | + | make | |
| − | Now change to directory /var/yp and run this command | ||
| − | |||
| − | make | ||
| − | |||
Enable and start the NIS binding (ypbind) service. | Enable and start the NIS binding (ypbind) service. | ||
Use the following command to verify your NIS server is working - you should see joker's password record. | Use the following command to verify your NIS server is working - you should see joker's password record. | ||
| Line 87: | Line 74: | ||
Test your configuration with the "ypcat passwd" command. You should see both joker's and clown's password records. NOTE: Clown's record is coming from your Fedora host because there is no clown user on your VM guest. | Test your configuration with the "ypcat passwd" command. You should see both joker's and clown's password records. NOTE: Clown's record is coming from your Fedora host because there is no clown user on your VM guest. | ||
Logout of joker and login as clown on your VM. NOTE: You may have to login as "other" if clown's name does not show up on the login screen. | Logout of joker and login as clown on your VM. NOTE: You may have to login as "other" if clown's name does not show up on the login screen. | ||
| − | + | ==Completing the Lab== | |
| − | What is your full name and 9-digit Seneca student ID? | + | Answer the following questions. |
| − | What is the function of the /etc/nsswitch.conf file? | + | #What is your full name and 9-digit Seneca student ID? |
| − | What is the purpose of the "-p" option to the rpcinfo command? | + | #What is the function of the /etc/nsswitch.conf file? |
| − | Explain, in your own words, what the "make" command did in PART B step 10. | + | #What is the purpose of the "-p" option to the rpcinfo command? |
| − | Explain the syntax/meaning of the two records in the /var/yp/securenets file. | + | #Explain, in your own words, what the "make" command did in PART B step 10. |
| − | What was the output of the "ypcat passwd" command from PART D, step 5? | + | #Explain the syntax/meaning of the two records in the /var/yp/securenets file. |
| − | Explain, in your own words, the function of the portmapper service as seen in the "rpcinfo -p" command. Hint: Use Wikipedia. | + | #What was the output of the "ypcat passwd" command from PART D, step 5? |
| − | What did your final firewall on the host look like. Use iptables-save. | + | #Explain, in your own words, the function of the portmapper service as seen in the "rpcinfo -p" command. Hint: Use Wikipedia. |
| + | #What did your final firewall on the host look like. Use iptables-save. | ||
Revision as of 17:28, 5 September 2011
Contents
NIS (Network Information Services)
NIS server is used for password authentication. In this lab you will set up your Fedora PC as both an NFS and NIS server. You will then install one VM guest that will serve as your NFS and NIS client.
PART A: Setting up your NFS Server
- Power up your Fedora host PC (f13), login as joker and make sure it is connected to the Internet.
- Ensure your host is updated with "yum update".
- Ensure your host has the default desktop firewall setup. Verify with "iptables-save" command.
- Ensure NFS is installed with "yum install nfs-utils".
- Edit your /etc/exports file and insert this line
/home 192.168.122.*(rw,root_squash)
- Modify your firewall to allow NFS connections. NFS uses port 2049.
- Start your NFS server with the command
service nfs start
PART B: Setting up your NIS Server
- Install the NIS server and client onto your f13 host PC
yum install ypserv ypbind
- Add the following line to the bottom of the file /etc/sysconfig/network
NISDOMAIN="foo.bar" YPSERV_ARGS="-p 783"
- Edit the file /etc/yp.conf and set up your domain:
domain foo.bar server 127.0.0.1
- Edit the file /etc/nsswitch.conf and add "nis" to three lines:
passwd: files nis shadow: files nis group: files nis
- Create the file /var/yp/securenets:
host 127.0.0.1
255.255.255.0 192.168.122.0
- Enable and start the NIS password (yppasswdd) service.
- Enable and start the NIS (ypserv) service.
- Enable and start the NIS map transfer (ypxfrd) service.
- Verify that your servers are running correctly with the following command:
rpcinfo -p
- Now change to directory /var/yp and run this command
make
Enable and start the NIS binding (ypbind) service. Use the following command to verify your NIS server is working - you should see joker's password record. ypcat passwd
Add a new user named clown, with password "seneca99". Repeat step 12. If you don't see both joker's and clown's password records then cd to /var/yp and run the "make" command again. Now modify your firewall so that the guest VM (client vm01) will be able to access your NIS server. You'll have to open port 111 as well as port 783 (see step 2 above). PART C: Setting up your VM to be an NFS client Login to your VM guest (vm01) and enable and start your ssh server with these commands
chkconfig --levels 2345 sshd on service sshd start
Use iptables to allow ssh connections to your VM guest machine. If you still have autofs installed (from last week) then uninstall it (yum remove autofs). Reboot your VM guest machine, login and use ifconfig to determine its IP address. Log out of your VM guest. From your Fedora host, ssh (as root) into your VM guest. Edit your guest's /etc/fstab file and insert this line
192.168.122.1:/home /home nfs defaults 0 0
Use the "mount -a" command to mount the /home directory. Check that /home is mounted by running and recording the output of the "df -Th" command. Install ypbind. Logout of your VM guest. PART D: Setting up your VM to be an NIS client Open your VM guest graphical login window and login as joker. Verify that joker is using the /home directory imported from your Fedora host. Now modify your authentication to include NIS. You can do this by selecting System->Administration->Authentication from the GNOME menu. You'll have to set the following: NIS server address (192.168.122.1) NIS domain name (foo.bar)
Now start the ypbind server with the command "service ypbind start". Test your configuration with the "ypcat passwd" command. You should see both joker's and clown's password records. NOTE: Clown's record is coming from your Fedora host because there is no clown user on your VM guest. Logout of joker and login as clown on your VM. NOTE: You may have to login as "other" if clown's name does not show up on the login screen.
Completing the Lab
Answer the following questions.
- What is your full name and 9-digit Seneca student ID?
- What is the function of the /etc/nsswitch.conf file?
- What is the purpose of the "-p" option to the rpcinfo command?
- Explain, in your own words, what the "make" command did in PART B step 10.
- Explain the syntax/meaning of the two records in the /var/yp/securenets file.
- What was the output of the "ypcat passwd" command from PART D, step 5?
- Explain, in your own words, the function of the portmapper service as seen in the "rpcinfo -p" command. Hint: Use Wikipedia.
- What did your final firewall on the host look like. Use iptables-save.
