HP Visualize c3600 IRIX to HP-UX Migration Guide - Page 92
Configuring and Administering an NIS Slave Server
View all HP Visualize c3600 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 92 highlights
NIS 3. Using a text editor, remove users who should not be allowed access to the NIS master server from the /etc/passwd file . Do not include a plus sign (+) in this file. 4. Use a text editor to edit the /var/yp/Makefile file as follows. Change the line PWFILE=$(DIR)/passwd to PWFILE=$(DIR)/passwd.yp 5. In the /etc/rc.config.d/namesvrs file, modify the YPPASSWDD_OPTIONS variable as follows. Change the line YPPASSWDD_OPTIONS="/etc/passwd -m passwd PWFILE=/etc/passwd" to YPPASSWDD_OPTIONS="/etc/passwd.yp -m passwd PWFILE=/etc/passwd.yp" 6. Issue the following commands to regenerate the NIS passwd maps from /etc/passwd.yp: # cd /var/yp # /usr/ccs/bin/make passwd These commands generate both the passwd.byname and the passwd.byuid maps and pushes them to the slave servers. If your slave servers are not up and running yet, run make with the NOPUSH flag set to 1: # cd /var/yp # /usr/ccs/bin/make NOPUSH=1 passwd This procedure creates a restricted /etc/passwd file that is used only by the NIS master server. The unrestricted /etc/passwd.yp file is used to generate the NIS passwd maps, which are used by the rest of the hosts in the NIS domain. Configuring and Administering an NIS Slave Server The NIS master server must be configured and running before you start your slave servers. To Edit the Slave Server's passwd File Follow these teps to edit the slave server's passwd file: 1. Remove all users from the /etc/passwd file, except the root user and the system entries required for your system to boot. By convention, system entries usually have user IDs less than 100, so you can remove all entries with user IDs of 100 or greater. 2. Add the following entry as the last line in the /etc/passwd file: +::-2:60001::: The plus sign (+) causes processes to consult NIS for any user information not found in the local /etc/passwd file. The -2 in the user ID field restricts the access of people who may attempt to login using + as a valid user name when NIS is not running. Anyone who successfully logs in as + will be granted only the access missions of user nobody. 87