[ This is probably better aimed at -questions, but seeing as I'm here... ]
On Thu, Jun 24, 1999 at 12:13:53AM -0400, Nick LoPresti wrote: > Here's my situation: > > 1. I would like to set up NIS on my network. > 2. I have one FreeBSD system(2.2.6) > 3. I have many other flavors of Unix on this network > 4. I would like the FreeBSD system to export it's passwd and group files to > the other machines > > How do I achieve this? Do I just run ypserv & ypbind? Any FAQ's around??? Well, I've just been through the same problem (and spent around a day figuring out the answer...). Making your box a NIS server is easy. Just do grep -i nis /etc/defaults/rc.conf and plug the results into your /etc/rc.conf. You probably want to enable nis_server and yppasswdd. You probably also want to look at ypinit(8). The hard bit is making the other Unix hosts understand our password file. Beacuse we use MD5 encrypted passwords, instead of DES encrypted ones, they won't understand them by default. There's a couple of stages to this: 1) Install the DES routines. (easy) If you're still running -RELEASE, then try looking on your CD for the des packages. (harder) If you've moved up to -STABLE, then you'll need to cvsup the secure-all stuff and rebuild the world. When you've done that, you need to repoint the /usr/lib/libcrypt* symlinks to point at libdescrypt* instead of libscrypt*. That last step took a while to figure out. :-) 2) You need to set the UNSECURE variable in /var/yp/Makefile. Most of this stuff is documented in the various manpages for yp... One final word of warning. You'd be best off not distributing your root password over nis. In fact, Sun reccomends that when setting up a nis server, you keep a separate copy of the passwd file, without "system" users in it. This will make sharing the pasword file easier across multiple vendors. You may want to look at the Sun Answerbooks for some more tips and ideas: http://docs.sun.com/ -- Dom Mitchell -- Palmer & Harvey McLane -- Unix Systems Administrator "Always think very hard before messing with TCP. And then don't." -- MC -- ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. ********************************************************************** To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
