3.3. NIS
Important
Before NIS can be configured as an identity store, NIS itself must be configured for the environment:
- A NIS server must be fully configured with user accounts set up.
- The
ypbindpackage must be installed on the local system. This is required for NIS services, but is not installed by default. - The
portmapandypbindservices are started and enabled to start at boot time. This should be configured as part of theypbindpackage installation.
3.3.1. Configuring NIS Authentication from the UI
- Open the
authconfigUI, as in Section 2.2.3, “Launching the authconfig UI”. - Select in the User Account Database drop-down menu.
- Set the information to connect to the NIS server, meaning the NIS domain name and the server host name. If the NIS server is not specified, the
authconfigdaemon scans for the NIS server. - Select the authentication method. NIS allows simple password authentication or Kerberos authentication.Using Kerberos is described in Section 4.3.1, “Configuring Kerberos Authentication from the UI”.
3.3.2. Configuring NIS from the Command Line
To use a NIS identity store, use the
--enablenis. This automatically uses NIS authentication, unless the Kerberos parameters are explicitly set (Section 4.3.2, “Configuring Kerberos Authentication from the Command Line”). The only parameters are to identify the NIS server and NIS domain; if these are not used, then the authconfig service scans the network for NIS servers.
[root@server ~]# authconfig --enablenis --nisdomain=EXAMPLE --nisserver=nis.example.com --update
