What's a good way to share login information between computers on a LAN?

Hi all, I have a set of five computers on a private LAN, all running openSUSE 12.1. There is one machine that is the “server” and four more that are “clients”. The server exports it’s /home and the clients all use that, so that the user directories are identical on all machines. I want to make it so that if I add a user on the server, then that user account will be available from all of the machines. Currently, I just copy the new entry from /etc/passwd and /etc/shadow to the clients, but I’d rather do it in a more automatic way. What is the correct approach?

I’ve considered using LDAP or NIS, as these supposedly seem to be the correct tools for this, but I haven’t found a how-to guide that explains how to set it up.

I’ve considered using NFS to export /etc/passwd and /etc/shadow, but what if one of the machines needs a user account (such as wwwrun) that the others don’t? Will that cause problems?

I figured it out. NIS works - set it up as a server on the server and export passwd and shadow with GID’s limited between 1000 and 1100, and set it up as a client on the clients.

Unfortunately, none of the webpages I came across ever explicitly stated that NIS was the tool to use.

On 2012-01-01 05:46, quantamm wrote:
>
> I figured it out. NIS works - set it up as a server on the server and
> export passwd and shadow with GID’s limited between 1000 and 1100, and
> set it up as a client on the clients.
>
> Unfortunately, none of the webpages I came across ever explicitly
> stated that NIS was the tool to use.

Interesting…

Yes, people use ldap, but your idea looks neat, too.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

I’ve been using NIS for ages, combined with NFS. At home, but also in a couple of networks I manage. The openSUSE wiki and SDB have articles on how to set it up, but if you managed to get NFS working, NIS shouldn’t be a problem. If you need help, start a new thread and include as much info as you can.

this is not meant to be a negative remark to you and your searching abilities, but it is often difficult to find the correct info on the internet. especialy as you know what you want (shared user database), but not the name (NIS) to look for.

NIS, as @Knurpht says, exists allready for ages. It was started by SUN for it’s Unix (SunOS/Solaris) under the name of Yellow Pages (hence the names of most of the commands start with yp), but all main Unix tastes (HP-UX, AIX, …) had/have it. And of course there were allready manuals about it before the Internet became the Internet. I guess that at least some of this documentation must have made it to the Internet.

On your system you will find the man pages for the yp-tools like

man ypcat
man ypmatch
man yppoll
man ypserv
man ypset

and more.

On Sun, 01 Jan 2012 04:46:02 +0000, quantamm wrote:

> I figured it out. NIS works - set it up as a server on the server and
> export passwd and shadow with GID’s limited between 1000 and 1100, and
> set it up as a client on the clients.
>
> Unfortunately, none of the webpages I came across ever explicitly stated
> that NIS was the tool to use.

NIS isn’t often used these days - LDAP is what’s most commonly used to
share authentication information between systems now.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C