3.3. NIS
Important
Before NIS can be configured as an identity store, NIS itself must be configured for the environment:
- A NIS server must be fully configured with user accounts set up.
- The
ypbind
package must be installed on the local system. This is required for NIS services, but is not installed by default. - The
portmap
andypbind
services are started and enabled to start at boot time. This should be configured as part of theypbind
package installation.
3.3.1. Configuring NIS Authentication from the UI
- Open the
authconfig
UI, as in Section 2.2.3, “Launching the authconfig UI”. - Select User Account Database drop-down menu.in the
- Set the information to connect to the NIS server, meaning the NIS domain name and the server host name. If the NIS server is not specified, the
authconfig
daemon scans for the NIS server. - Select the authentication method. NIS allows simple password authentication or Kerberos authentication.Using Kerberos is described in Section 4.3.1, “Configuring Kerberos Authentication from the UI”.
3.3.2. Configuring NIS from the Command Line
To use a NIS identity store, use the
--enablenis
. This automatically uses NIS authentication, unless the Kerberos parameters are explicitly set (Section 4.3.2, “Configuring Kerberos Authentication from the Command Line”). The only parameters are to identify the NIS server and NIS domain; if these are not used, then the authconfig
service scans the network for NIS servers.
[root@server ~]# authconfig --enablenis --nisdomain=EXAMPLE --nisserver=nis.example.com --update