Server for NIS configuration
As previously mentioned the server for NIS component is to be installed on both the W2K domain controllers.
Resilient configuration
A degree of resilience is provided by the fact that the NIS server runs
on both domain controllers. Unusually for a NIS configuration both
these servers are in effect NIS “masters”. The transfer of
data between the two master servers is accomplished by normal Active
Directory replication rather than by the traditional Unix ypxfer
method. In fact SFU will make the second DC on which Server for NIS is
installed a “subordinate” server , which is in effect a
secondary NIS server
NIS data update frequency
On the Services for Unix Administration pane double click on
“Services for Unix [local]” on the right hand side. This
will expand to show the SFU components that are installed. Now double
click “Server For NIS” on the RHS of the pane. The LHS of
the pane should display “Server for NIS on local computer”
and a single tab “Map Updates”. Set the “Check for
updates” frequency to 5 minutes. Now click on the
“apply” button at the top RHS of the panel.
Note that setting the update frequency to 5 minutes is a trade off
between excessive load generated by checking for changed accounts and
having any such new or changed Unix account information available in a
timely fashion. If the 5 minute interval proves to be unacceptably long
for the propagation of new or changed account data the interval can be
lowered down to a minimum setting of 1 minute.
Password encryption
Services for Unix offers two options for password encryption, either
“crypt” the traditional Unix algorithm or the more recent
“md5”. Because not all Unix platforms in the environment
are capable of supporting md5 the NIS server algorithm used must be
crypt. Now double click “Server For NIS” on the RHS of the
pane to expand all NIS domains served. There should be only one
nisdomain the “testnis” domain.
User name mapping configuration
The user name mapping component is only installed on main file server.
It receives requests from the “Server for NFS
Authentication” agent running on that machine. In fact this
component should already be installed as part of the main file server
configuration. It will need to be correctly configured as shown below.
On the “Configuration” tab:
a) Select the check box “simple maps” (this means a one to
one mapping between Windows user names and Unix user names)
b) Select the “domain.local” domain in the “Windows domain name” drop down window
c) In the NIS domain name field enter “domain.local” (the NIS domain name)
Testing User name mapping
On each domain controller issue the following command from a “cmd” window
Mapadmin list –simple
The results of this command from each DC should be the same
Back to menu