NIS and usernames.

someone_4 · ‎12-12-2001

I have finaly taken everyones advice. I am pushing for everyone to have non root usernames and passwords. I was told ok .. but I have to have a solution on adding deleting and administrating the internal users. I was thinking of NIS ? Is this the right way to go if so what is the best config for NIS to do this? If not what are other solutions?

Richard

Jeff Machols · ‎12-12-2001

If you have lots of machines and they are all internal, I would NIS is the way to go. It's really straight forward to setup, in fact you can do it right from SAM if you want.

someone_4 · ‎12-12-2001

yes I have allot of servers and they are all internal.

Richard

Sridhar Bhaskarla · ‎12-12-2001

Security always comes into picture if we want to have flexibility. NIS has been an old standard of maintaining password files. If you are not much concerned about internal security, NIS should be very easy to setup. You have some good documentation here on configuring NIS.

http://docs.hp.com/hpux/onlinedocs/B1031-90048/B1031-90048.html

If you can afford spending more time with complex setup and, NIS+ is surely the way to go. It is also built-in. I guess LDAP may be too much to consider here.

If you don't mind spending some money,there are some good products like Control-SA (by Platinum) and SEOS (by CA?) that will also facilitate centralized administration. Ofcourse HP's IT/A will do the same and has been proven for enterprises.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try

Jeff Machols · ‎12-12-2001

Pick one machine to be the primary and one to be the secondary. You will have edit the /etc/rc.config.d/namesvrs for each and NIS_PRIMARY to 1 and on your primary and NIS_SLAVE to 1 on the secondary. Start up nis on both /sbin/init.d/nis.server and nis.client. Then create the NIS password and group file, start by copying your passwd and group to /etc/NIS/passwd and /etc/NIS/group. go to /var/yp and run make. This should push the maps out.

On the clients, edit the /etc/rc.config.d/namesvrs to point to your host, then start up the services.

You may want to run through NIS is Sys Admin manual, but that is the basics

A. Clay Stephenson · ‎12-12-2001

Hi Richard:

NIS or better NIS+ (if your boxes are 11x) is a good answer. You need to be aware that NIS is not a magin bullet. For example, if you create a user via SAM on your NIS server but you really want his home directory to be on another server, SAM will not do that. It will simply create the user's home directory on the local machine. If that user needs to be able to login to several hosts, you have to create home directories on each of those boxes along with .profiles, .dtprofiles, etc. If you want this to work really well, you need to take NIS/NIS+ to the next level and have NIS mange the automounter maps. In this scenario, the user's home directory actually resides on a particular host no matter where he logs in. To all boxes, it will appear as something like /home/richard but it will be NFS mounted.
I would get the O'reilly book 'Managing NFS and NIS' and study it carefully. You do not want a '+' passwd entry for root; you need to be able to get in to a box in case NIS is down.
In my case, I have a script which can update the root passwd on a given host or make it the same on a group of hosts.

Regards, Clay

If it ain't broke, I can fix that.

Sachin Patel · ‎12-12-2001

Hi Richard
I will suggest NIS or NIS+. Even if you have home directory in one system or all over.
First setup test bed with one server and one client. if that works ok involve one user who is interested and not cry too much.
Once you are comfortable then only go full scale. Remember don't go full scale in one day because if you have problem everyone will start shouting.
If you have one home directory setup automounter.
your passwd line will look like this for nfs home directory.
sachin:kjf:uid:gid:description:nfs_name/home/sachin/:shell

I will prefer command line then sam.

Sachin Patel

Is photography a hobby or another way to spend $

Patrick Wallek · ‎12-12-2001

I would also vote for either NIS or NIS+. Note that the two are distinctly different.

Be aware that NIS will NOT work with a trusted system and NIS+ will. NISS will work with HP-UX 10.20 and 11.X, but NIS+ will only work with HP-UX 11.X.

For more information on NIS and NIS+ check out the manual "Managing Systems and Workgroups: A Guide for HP-UX System Administrators"

http://docs.hp.com/hpux/onlinedocs/B2355-90742/B2355-90742.html

In the section "Administering a System: Managing System Security" there is a sub-section on Trusted Systems and NIS+.

Look in the Installing and Administering NFS Services manual for information on setting up NIS. This is one is for HP-UX 10.20.

http://docs.hp.com/hpux/onlinedocs/B1031-90000/B1031-90000.html

Here is the "Installing and Administering NFS Services" manual for HP-UX 11.X and it includes sections for setting up both NIS and NIS+.

http://docs.hp.com/hpux/onlinedocs/B1031-90048/B1031-90048.html

Categories

Company

Local Language

Forums

Discussions

Knowledge Base

Forums

Discussions

Knowledge Base

Forums

Discussions

Knowledge Base

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

NIS and usernames.

NIS and usernames.

Re: NIS and usernames.

Re: NIS and usernames.

Re: NIS and usernames.

Re: NIS and usernames.

Re: NIS and usernames.

Re: NIS and usernames.

Re: NIS and usernames.