NIS SERVER SETUP:
1. Install required packages:
# yum install ypserv portmap
2. Edit /etc/sysconfig/network and add static NIS ports:
YPSERV_ARGS="-p 841"
YPPASSWDD_ARGS="-p 842"
YPXFRD_ARGS="-p 843"
To verify currently used ports run:
# rpcinfo -p localhost
3. Open required ports in firewall. Edit /etc/sysconfig/iptables and add:
-A RH-Firewall-1-INPUT -p udp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 841 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 841 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 842 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 842 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 843 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 843 -j ACCEPT
# service iptables restart
4. Setup NIS domain name - edit /etc/sysconfig/network and add:
NISDOMAIN="internal"
5. Initialize NIS maps:
/usr/lib/yp/ypinit -m
6. Secure NIS - permit only trusted networks. You can restrict access to specific subnets either with iptables (e.g. by adding -s 192.168.0.0/24 to the portmap and NIS port rules) or by editing /var/yp/securenets and listing the permitted networks in the following format (netmask first, then network):
255.255.255.0 192.168.0.0
7. Start services and include them in rc3.d scripts:
# service portmap start
# service ypserv start
# chkconfig portmap on
# chkconfig ypserv on
You may include yppasswdd and ypxfrd as well if you need them.
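As an added example (not part of the original post), the POSIX shell functions below evaluate securenets entries in the step 6 format against a client address and flag the allow-everyone entry. The function names, the sample file, and the match rule (client AND netmask equals network, with `host` lines treated as single addresses) are assumptions of this example.

```sh
#!/bin/sh
# Added example: evaluate /var/yp/securenets-style entries ("netmask network").

# Dotted quad -> 32-bit integer. Body runs in a subshell so IFS stays scoped.
ip_to_int() (
    case "$1" in *[!0-9.]*|*..*|.*) exit 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        case "$o" in 0?*) exit 1 ;; esac   # leading zero would be read as octal
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Exit 0 if IP ($2) matches an entry in file ($1); 1 if not; 2 on a bad IP.
# Assumed match rule: (client & netmask) == network; "host A" means one address.
securenets_allows() (
    ip=$(ip_to_int "$2") || exit 2
    while read -r mask net rest; do
        case "$mask" in ''|'#'*) continue ;; esac
        [ "$mask" = host ] && mask=255.255.255.255
        m=$(ip_to_int "$mask") && n=$(ip_to_int "$net") || continue
        [ $(( $ip & $m )) -eq "$n" ] && exit 0
    done < "$1"
    exit 1
)

# Exit 0 if the file contains "0.0.0.0 0.0.0.0", which matches every client.
securenets_wide_open() (
    while read -r mask net rest; do
        [ "$mask" = 0.0.0.0 ] && [ "$net" = 0.0.0.0 ] && exit 0
    done < "$1"
    exit 1
)

# Constructed sample file: the subnet from step 6 plus one made-up host entry.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
# netmask        network
255.255.255.0    192.168.0.0
host             10.1.2.3
EOF
for ip in 192.168.0.57 192.168.1.57 10.1.2.3; do
    if securenets_allows "$SAMPLE" "$ip"; then echo "$ip allowed"; else echo "$ip denied"; fi
done
```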
UPDATING NIS MAPS:
# cd /var/yp; make
NIS CLIENT SETUP:
Execute:
# authconfig --update --nisdomain=internal --nisserver=nis.example.com --enablenis
Or:
# authconfig-tui
Finally make sure that ypbind is running and it's added to rc3.d services:
# service ypbind start
# chkconfig ypbind on
VIEWING NIS MAPS:
On the client:
# getent <mapname>
# getent passwd
On any allowed host:
# ypcat -d internal -h nis.example.com <mapname>
# ypcat -d internal -h nis.example.com passwd
The above procedure works perfectly. Great help. Thanks.
You may have forgotten to enable the yppasswdd service. Other than that, the only thing missing here is instructions on setting up the yp slave server...
thanks bro.. u made my day.