need to set up common logins across unix shop need help

need to set up common logins across unix shop need help

Post by Greg Lewi » Thu, 30 Aug 2001 01:11:02



hello all, i have a problem that needs resolution.
1) i need to set up common login files across about 12 machines (all ultra
10 and Blade 1000) and someone mentioned NIS as a possible way to do this.
however, it is possible to do this with NIS, but there has to be an easier
way to do this.
i need the account to log into the main server (Blade) and have a home
directory there while having the power of the ultra 10 that they are logged
into.
someone also mentioned making the /etc directory a NFS directory common to
all machines.
this could work too, but wouldn't security be a problem?
anyway i am very confused about the best way to approach this problem and
was wondering if anyone could give me a hand?

thanks

Greg Lewis
Lab Configuration Assistant, UCCB Microelectronics Lab

 
 
 

need to set up common logins across unix shop need help

Post by Logan Sh » Thu, 30 Aug 2001 02:28:42




>i need to set up common login files across about 12 machines (all ultra
>10 and Blade 1000) and someone mentioned NIS as a possible way to do this.
>however, it is possible to do this with NIS, but there has to be an easier
>way to do this.

NIS is meant for exactly this purpose.  Actually, so is NIS+.  You
probably want to use NIS+, since NIS is very old.  (Then again, you may
mean NIS+ when you say NIS, since the names are so similar.)

Anyway, any other solution besides NIS, NIS+, or LDAP will have to be
something you build yourself.  I think you can see why learning NIS+
would be easier.  NIS+ really isn't that hard to learn if you have some
experience with databases.  It does have some quirks and confusing
areas that you'll just have to work through, but it is possible to get
it working.  :-)

Quote:>i need the account to log into the main server (Blade) and have a home
>directory there while having the power of the ultra 10 that they are logged
>into.

To do that, you'll want to choose where the home directory should be
physically located and then plan to use NFS to share that directory to
all the rest of the machines.  If you use the automounter, you can make
it so any machine will mount any home directory from the appropriate
place as needed.

Quote:>someone also mentioned making the /etc directory a NFS directory common to
>all machines.
>this could work too,

Not really.  It won't work because there are important files in /etc
that have to be different for different machines.  For instance,
/etc/nodename contains the machine's name.

To summarize, what you need to do is the following:

1.  Create an NIS+ server.

2.  Put all your network accounts (i.e. /etc/passwd) entries in it.
    This doesn't include users like "root"; just users you have added.

3.  Set up all your clients to refer to the NIS+ information by
    using "nisclient" so they can get access to it and editing
    /etc/nsswitch.conf so they choose to refer to it.

4.  Set up your home directories somewhere, and export the filesystem
    them to every machine using NFS.

5.  Set up the automounter so that clients will mount the home
    directories everywhere as needed.

This is a pretty complex and involved process, but once you get it
going, then things become pretty nice.  If you want to do it yourself,
I suggest you go to http://www.veryComputer.com/
there, especially the system administration guide.  There's enough
information there for you to figure out how to do it, but it might take
a while to digest it all.

  - Logan
--
"Our grandkids love that we get Roadrunner and digital cable."
(Adverti*t for Time Warner cable TV and internet access, July 2001)

 
 
 

need to set up common logins across unix shop need help

Post by Joe Blogg » Thu, 30 Aug 2001 06:16:00


NIS *is* the easiest way to do this, combined with automounter.  Period.


Quote:> hello all, i have a problem that needs resolution.
> 1) i need to set up common login files across about 12 machines (all ultra
> 10 and Blade 1000) and someone mentioned NIS as a possible way to do this.
> however, it is possible to do this with NIS, but there has to be an easier
> way to do this.
> i need the account to log into the main server (Blade) and have a home
> directory there while having the power of the ultra 10 that they are
logged
> into.
> someone also mentioned making the /etc directory a NFS directory common to
> all machines.
> this could work too, but wouldn't security be a problem?
> anyway i am very confused about the best way to approach this problem and
> was wondering if anyone could give me a hand?

> thanks

> Greg Lewis
> Lab Configuration Assistant, UCCB Microelectronics Lab

 
 
 

need to set up common logins across unix shop need help

Post by Mathew Kirsc » Thu, 30 Aug 2001 23:09:21



> Ugh, Logan, NIS+ is a *, let him start with NIS.

Besides, Sun is already starting to deny that NIS+ ever existed, with their
new LDAP naming service and all...
 
 
 

need to set up common logins across unix shop need help

Post by Greg Lewi » Fri, 31 Aug 2001 00:48:54


Perhaps a little more clarification is in order.
i am already in a domain that uses DNS (the university)
they do not want to use NIS+ or NIS as their naming service, i just want to
share logins in a 1 room computer lab.

> NIS *is* the easiest way to do this, combined with automounter.  Period.



> > hello all, i have a problem that needs resolution.
> > 1) i need to set up common login files across about 12 machines (all
ultra
> > 10 and Blade 1000) and someone mentioned NIS as a possible way to do
this.
> > however, it is possible to do this with NIS, but there has to be an
easier
> > way to do this.
> > i need the account to log into the main server (Blade) and have a home
> > directory there while having the power of the ultra 10 that they are
> logged
> > into.
> > someone also mentioned making the /etc directory a NFS directory common
to
> > all machines.
> > this could work too, but wouldn't security be a problem?
> > anyway i am very confused about the best way to approach this problem
and
> > was wondering if anyone could give me a hand?

> > thanks

> > Greg Lewis
> > Lab Configuration Assistant, UCCB Microelectronics Lab

 
 
 

need to set up common logins across unix shop need help

Post by Logan Sh » Fri, 31 Aug 2001 01:44:22




>Perhaps a little more clarification is in order.
>i am already in a domain that uses DNS (the university)
>they do not want to use NIS+ or NIS as their naming service, i just want to
>share logins in a 1 room computer lab.

"I would like to make a vehicle that rolls along the ground, but I do
not want want to use wheels."

Actually, it might help you to know that DNS and NIS/NIS+ serve
complementary roles.  The former deals with the translation of
hostnames to IP addresses and vice versa (and a few other related
things).  The latter deals with account names (a shared version of
/etc/passwd), automount entries, and other Unix-specific things like
that.  So, you can set up NIS/NIS+ yourself and only in your lab.

  - Logan
--
"Our grandkids love that we get Roadrunner and digital cable."
(Adverti*t for Time Warner cable TV and internet access, July 2001)

 
 
 

need to set up common logins across unix shop need help

Post by Charles Gillander » Fri, 31 Aug 2001 01:45:14



Quote:> Perhaps a little more clarification is in order.
> i am already in a domain that uses DNS (the university)
> they do not want to use NIS+ or NIS as their naming service, i just want
to
> share logins in a 1 room computer lab.

And has been mentioned earlier NIS *is* the best solution for you here, NIS
does not need to replace DNS but it can solve your problem very nicely.  In
your case you just need to be using a subset of all the potentailly
available NIS maps, most likely you need passwd, group and some sort of
auto.home for automountd.  That's it.

Please go find out something about NIS, do a little more research and if you
have specific questions about the kind of installation you need then feel
free to ask.  Doing what you want with anything other than some basic NIS
and automount is just asking for trouble; feel free to go ahead and do so
but be aware that it's not going to be the easiest solution ever.

------------------------------------------------------------------------------------
  Please note that the views expressed in this message are the views of the author
  alone and not necessarily the views of PMC-Sierra.
------------------------------------------------------------------------------------

 
 
 

need to set up common logins across unix shop need help

Post by Alan Coopersmit » Fri, 31 Aug 2001 09:40:07



|Perhaps a little more clarification is in order.
|i am already in a domain that uses DNS (the university)
|they do not want to use NIS+ or NIS as their naming service, i just want to
|share logins in a 1 room computer lab.

So setup NIS/NIS+ for yourself - it won't affect any machines outside of
the ones using it and you don't need anyone else to convert.

When I worked at UC Berkeley, the campus central computing ran the DNS
servers that managed all the host names, but there were also dozens of
NIS & NIS+ domains, ranging from the one covering the hundreds of
machines in the EECS department, to ones covering labs with a dozen or
so machines.  

--
________________________________________________________________________


  Working for, but definitely not speaking for, Sun Microsystems, Inc.

 
 
 

need to set up common logins across unix shop need help

Post by Mathew Kirsc » Fri, 31 Aug 2001 23:23:19



> Perhaps a little more clarification is in order.
> i am already in a domain that uses DNS (the university)
> they do not want to use NIS+ or NIS as their naming service, i just want to
> share logins in a 1 room computer lab.

If you want to use a "naming service", then those are the only choices. If
neither is acceptable to the powers that be... Well, I don't know what you can
do, because like I said, there ain't nothing else...

Is there any reason you enjoy intentionally crippling yourself? NIS and NIS+
were designed specifically for the task you want to perform. Anything else is
just reinventing a wheel that doesn't need to be reinvented.

NFS mounting /etc is not an option. Too many issues when the server is down,
or when you want to do offline system maintenance in single-user mode, etc...
It's just a can of worms that you don't want to open up.

I suppose you could use something like rdist or rsync to keep /etc/passwd and
/etc/shadow synchronized across the systems. However, to keep things from
getting convoluted, you need to specify to ALL the users that they can only
change their passwords by logging onto the server that keeps the master
copies. You also need to disable the passwd command on all but the master
server, and you need to write up a wrapper script for the passwd command on
the master server so that an rdist or rsync is initiated after the user
successfully changes his/her password.

 
 
 

1. Common tape type across unix workstation manufacturers...

Hi, a naive question from the masses :-)  My background is Sun-only
systems...

I need to have a unix system capable of reading tar tapes from
lots of different unix systems -- Sun, HP, Dec, etc.   Ultimately,
what I'd like is for people to be able to mail me a tape/cartridge
that is easy for them to write, no matter what kind of unix box they
have.  Is there a single tape type that comes standard from most/all
workstation manufacturers?  I know of the little 8 mm cartridge tapes,
the larger (paperback size) (QIC?) cartridge tapes, and the standard
9" mag tapes.

Thanks in advance for whatever info you can offer.  Much appreciated,

  - joe hummel
    UC-Irvine

2. protecting my hidden files

3. UNIX / VMS Common (character mode) Screen Manager Needed

4. Pb with SCSI NCR53C810 controler

5. Need help setting up xdm login session

6. linux floppies under solaris 2.5?

7. Need HELP on Shopping LIST

8. uucp/ppp problem with dial out modem

9. Need Help Setting up a dial back system under SCO Unix!!!!!

10. HELP NEEDED SETTING UP UNIX PRINTER

11. Need to convert DOS to UNIX with a *limited* set of UNIX commands

12. Need help running Mosaic 2.4 across SLIP/DIP line

13. Need help connecting UPS