This is a legacy process, and should be replaced with a different process, using LDAP or something, in new installations. However, if you are working in a legacy environment, this should do the trick for relatively sane installations of NIS and new Ubuntu installations.
The NIS domainname is nisDomain. Please note that in the context of NIS databases, “domainname” is an arbitrary string (you just pick one) and has nothing to do with your canonical domain name in DNS. [in other words, replace nisDomain with your local NIS domain].
Remember, please, to copy the database files before you edit them so that if you bork up royally, you can just go back easily. Use git, use cp, who cares, just make sure you have a known sane version to go back to quickly.
In order to add the client to the NIS database you, need to log into nisServer and edit the following files:
In ethers, you need to add the MAC (Ethernet) address. Get this information from the client machine by running ifconfig.
In netgroup, you need to add the client machine’s name.
In hosts, you need to add the IPv4 address and its name. Note that the IP address is assigned automatically via DHCP, and they are fairly static, but could change at any time.
Once that is done you need to:
in order to rebuild the NIS database.
You shouldn’t need to do a service nis restart. You shouldn’t need to do a service ypbind restart.
If you’re going to do this to more than one machine, configure it then clone it. Get it right once and use copies somehow, with whatever technology you usually use.
This article assumes that client machines should run an up-to-date installation of Ubuntu 16.04 LTS (Xenial Xerus). Please consider unattended-upgrades. Also, conventional wisdom states that you should have at least one local user on the machine.
Add nisServer to /etc/hosts, just for sanity:
Install the programs the client machine needs:
sudo apt install nis rpcbind nfs-common.
Upon installation you will be asked the NIS domainname, here nisDomain.
Add nisServers’s IP to /etc/yp.conf:
Explicitly set rpcbind as allowed over network:
Tell the client that NIS databases are available, and to query them first for the following categories by editing nsswitch. Note that there order of placement here matters; we have had anomalous permissions behavior if files precedes nis in some cases.
passwd: nis files
group: nis files
shadow: nis files
hosts: nis files mdns4_minimal [NOTFOUND=return] dns
networks: nis files
protocols: db files nis
services: db files nis
ethers: db files nis
rpc: db files nis
Ensure portmap starts on boot by adding service portmap start to /etc/rc.local:
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
# In order to enable or disable this script just change the execution
# By default this script does nothing.
service portmap start
You need to run update-rc.d nis defaults to install nis services at boot time, however, note that the default script links the boot script as S01nis in /etc/rc5.d, so if you find that nis is failing after boot, defaults may not be sufficient and you can try again with a higher S number.
You could put your NFS shares in /etc/fstab. Or you could sudo apt install autofs
Autofs is the file system service that mounts the user’s home directory via NFS when the directory is needed, including at login. In order to configure it, you need to edit the following files:
# This is a 'master' automounter map and it has the following format:
# mount-point [map-type[,format]:]map [options]
# For details of the format look at auto.master(5).
# NOTE: mounts done from a hosts map will be mounted with the
# "nosuid" and "nodev" options unless the "suid" and "dev"
# options are explicitly given.
/net yp auto.net
# Include /etc/auto.master.d/*.autofs
# The included files must conform to the format of this file.
# Include central master map if it can be found using
# nsswitch sources.
# Note that if there are entries for /net or /misc (as
# above) in the included master map any keys that are the
# same will not be seen as the first read key seen takes
# This is the trad way
# This is a way to do it by pulling a file from your nis directory on server
Note that +auto.home is a pointer reference to the /etc/yp/auto.home (or something similar) file on your nisServer.
Lastly, we have to configure lightdm, Ubuntu’s graphical login client. First, you have to enable manual logins via username. Second, there’s an is apparently an issue with some default sessions for some users, for some reason; at times, if the default session isn’t explicitly set, it borks. Anyway, it’s an easy fix. Create a local configuration by creating a conf file in the appropriate directory. Call it nis.conf or so. Basically lightdm will load *.conf in this dir when it runs, so you can call it anything. (This is debian convention.) This file has no man page, but googling around and trying variants helped. There’s a sample of the file (with syntax) at /usr/share/doc/lightdm/lightdm.conf.gz. Anyway, create this:
At this point, the client’s configuration is done. The client knows the server is there, and the server knows the client exists, so you should be able to log in with your nisServer credentials.
You need to sudo reboot to restart the client machine, ensure it brings the services up properly on every reboot, and log in to test it, preferably with more than one user.