Configure an NIS client under OpenSUSE Leap

This is the fourth part in our series of articles on centralized authentication. In the first two articles on NFS, we described sharing (or exporting) user directories from the server to the client computer (s). Next, we discussed setting up an NIS server to store user authentication data. Now, we will describe the configuration of a client workstation so that authentication does not take place locally, but on the NIS server.

  • Installation
  • Configuration
  • Authentication
  • Password caching

Share Post

Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on skype
Skype
Share on pinterest
Pinterest
Share on email
Email
Share on whatsapp
WhatsApp

Installation

The ypbind package is provided by the OSS repository.

# zypper install ypbind

Configuration

As with the configuration of the NFS client, we will use the YaST configuration tool (Yet another Setup Tool) in console mode.

# yast

Computer Graphic icon

Navigate to Network Services using the arrow keys, then press [Enter] to open this category. Similarly, open the NIS Client menu.

Press [Tab] twice and then [Enter] to Activate NIS. Do the same to enter the NIS domain and the address of the NIS server, then confirm with the Finish button.

Restart the client computer to take into account the new configuration.
Authentication

From there, I can connect to the client workstation. On the amandine.microlinux.lan server, I created a deadly user that I added to the NIS database (cd / var / yp && sudo make).

I am now trying to log in as a jmortreuse user on the NIS client bernadette.microlinux.lan.

[kikinovak @ alphamule: ~] $ ssh xxx @ bernadette
Password: ********
Have a lot of fun …
[xxx @ bernadette: ~] $

I’m showing the name of the NIS server.

[jmortreux @ bernadette: ~] $ ypwhich
amandine.microlinux.lan

To change my password, I can use the passwd command.

[jmortreux @ bernadette: ~] $ passwd
Change of password for xxx.
Current password: ********
New Password : ********
Retype the new password: ********
passwd: password updated successfully

Password caching

In the default configuration, OpenSUSE’s behavior regarding password changes may have raised some eyebrows in the eyes of system administrators.

Important Passwords are kept in cache by nscd, the Name Service Caching Daemon for performance reasons. The result is that the system administrator does not understand why password changes seem to be taken into account only at random.

For a healthier management of connection information, it is better to deactivate this functionality, by commenting the corresponding line in the file /etc/nscd.conf.

# enable-cache passwd yes

Once the service has been restarted (systemctl restart nscd), password changes are taken into account immediately.

Other Linux Sites

Newsletter

Follow Us