NIS setup with user home directory on one server

Hi all,

I am new to OpenSuse.

I am attempting to setup the following:

1.User login/authentication via a single NIS server.
2. User home directory should also be on the Same NIS server.
3. If possible to setup a single shared home directory for all users.

OpenSuse version 11.2

There are twelve workstations from which users will login using the NIS authentication.

I have succeeded in setting up NI server. However login fails as the home directory is not accessible.

Any help / suggestions would be welcome.

Tushar

On Tue, 2010-05-04 at 20:46 +0000, tvyoda wrote:
> Hi all,
>
> I am new to OpenSuse.
>
> I am attempting to setup the following:
>
> 1.User login/authentication via a single NIS server.
> 2. User home directory should also be on the Same NIS server.
> 3. If possible to setup a single shared home directory for all users.
>
> OpenSuse version 11.2
>
> There are twelve workstations from which users will login using the
> NIS authentication.
>
> I have succeeded in setting up NI server. However login fails as the
> home directory is not accessible.

Did you export the home directory via NFS off the server where the home
dirs reside?

Also, you want to look at using a location other than /home, else make
sure that all local dirs go somewhere else.

>
> Any help / suggestions would be welcome.
>
> Tushar
>
>

Sorry to sound dumb btu can you elaborate on exporitng home directory via NFS please?

Tushar

I suppose that when you know about NIS, you know about NFS. NFS is the software that makes it possible to have the disk space of one system available on the other. Thus when you have the home directories of your users physical on one system you use NFS to have them also on the other system. OR, when you have all the users on both systems, you do not export/mount every individual home directory, but the whole /home directory from one system to the other(s).

On the NFS server you must have the packages nfs-kernel-server and yast-nfs-server installed. Then you can go to YaST > Network > Netwotk Services > NFS Server to configure and start. Of course you first make sure you know what NFS is and what you want with it.

On the clients you should have nfs-client installed. Again YaST > Network services > NFS Client will help you configuring.

When you think you understand what you are doing and during the above processes you have questions, please ask.

Thanks.

Looks like I need to look at NFS as well.

Tushar

Of course, how did you think to share the home directories before then?

Follow the advice, do some reading first. I run this config in a couple of networks for customers; if you need help after reading, get back here

And…a warm welcome to the community

tvyoda wrote:
> Sorry to sound dumb btu can you elaborate on exporitng home directory
> via NFS please?
>
> Tushar
>
>

It’s easily done through YaST. Go to network services and you’ll see (or
should see) an option for NFS server. I’d only do NFS4 if your network is all
Linux or contemporary Unix clients. The next panel allows you to export
directories. If they need to be read/write, make sure to use the rw option in
the options list.

Then, IMHO, you need to look at how to push out an automount map for your new
home area so that the clients can automount your NFS area on demand for the home
dirs.

I have an old generic presentation here… but again, YaST can make some of
this easier, except possibly dealing with maps. Let’s just say, IF you
understand a bit of the detail, you can tweak things quite a bit. For example
the makefile in /var/yp can be edited to add custom maps (etc.). Also, in your
nsswitch.conf on client platforms, you may make adjustments to it to only look
to NIS for maps that actually exist. This isn’t horrible on openSUSE as it
makes the correct assumption that normal people don’t push a hosts
(nsswitch.conf) map for hostname resolution (use DNS instead).

http://www.ntlug.org/NIS/Presentation

YaST tries to make things easier, but sometimes its like working with an
inexperienced sysadmin… it doesn’t necessary do things the “right” way (right
being defined by an experienced sysadmin).

Hi All,

thanks for all the feedback so far.

I have got a solution of sorts as follows:

Server - setup as NFS and NIS server.
Setup /home as shared directory for nfs with rw permissions.
Setup user accounts - john and dan.
Works fine
Workstation/Client -

    1. setup as NFS client and linked/mapped(sorry for windoz terminology) home directory on nfs server to local home dirctory. I had to update /etc/fstab directly as yaST NFS client would not allow this as /etc/fstab already has an entry for /home.
    1. setup NIS client pointing to NFS server.
  • WS has only root local account.

Although the firewall settings options were ticked in the YaST menu it still prevented connection so I have currently disabled firewall. Currently not an issue. I can address which ports etc to open correctly later.

I can get users successfully on any workstation setup as NIS client.

problem:
I can log on as, say, john concurrently on both workstations.
However, I can not run the same application on both at the same time. For example, firefox on WS1 is fine. But when I try to open Firefox on WS2, it does not let me as it detects it as already open. How can I overcome this?
In Windoz it is not a problem as a separate set pf “profile” folders are automatically created on each workstation that the user logs on to, even concurrently. All temp files are stored locally.

Any ideas to address this issue please?

T
:expressionless:

You’ll need different profiles, I don’t see how you can avoid that. Think of bookmarks, which one should be allowed to update the bookmark file if the user is allowed to have more than one session concurrent? Perhaps you can work out something by passing the profile name with -P.

Like ken_yap says, no way you can have one user starting FF twice. FF puts a lock in /home/USERNAME/.mozilla/firefox/PROFILENAME, as soon as you start it. Same goes for a lot of other apps. Same goes for M$ networks.
IMHO you use NFS/NIS to have the one and only homedir for a user in one place. No matter where the user is, he can login and use hesh settings. But a user cannot be in 2 places at the same time, doing different things to the same data.

It is often even seen as a security issue when one user is at two places at the same time.

I agree and appreciate what and why of the current setup and agree with both of you. In W$ as long as you do not setup roaming profiles, each Workstation to which a user logs onto sets up local working directories for that working account. So all applications use these local directories to create their local versions of working files. So I can for instance log on to WS1 and WS2 as john and run FF on both. Each will create local instances of temp files. So the problem I am encountering could not occur. Is it possible to do the same in Linux?

T
:expressionless:

Then user data will be local, and there would be no need to export /home from the server.

But that would of course make any configuration changes done by a user on WS1 not done on WS2, and a file saved on WS1 is not on WS2, etc.

Yep, but NFS exports, does not make local copies of exported folders. And so the .lock file that FF creates if there for user John, no matter where he does his next step. A lot of the config files in FF use sqlite, that will not like John attacking the same bookmark record from 2 places.
What would be next, having the same doc open as one user on 2 different machines and keep changes from both in the doc?

Thanks for all your feedback - very valuable and most appreciated.

I can now implement it live.

I would like to prevent user logins list from being displayed at the login screen on the KDE login screen. I presume this would be best posted to the KDE section.:slight_smile: Here we go again.:wink:

From a normal KDE login, the configuration thingy from the main menu (I do not know the exact english term, have a translatiuon here), the advanced > login screen. Look through the tabs.