X-MimeOLE: Produced By Microsoft Exchange V6.5
Received: by onstor-exch02.onstor.net 
	id <01C878D3.3490CEB6@onstor-exch02.onstor.net>; Tue, 26 Feb 2008 16:56:29 -0700
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----_=_NextPart_001_01C878D3.3490CEB6"
Content-class: urn:content-classes:message
Subject: RE: Using NIS on cougar and SSC configuration with yp
Date: Tue, 26 Feb 2008 16:56:29 -0700
Message-ID: <BB375AF679D4A34E9CA8DFA650E2B04E05C74349@onstor-exch02.onstor.net>
In-Reply-To: <BB375AF679D4A34E9CA8DFA650E2B04E056C9404@onstor-exch02.onstor.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Using NIS on cougar and SSC configuration with yp
Thread-Index: Ach40hfaYC9ubUQTQgOXgOyS0BA6/QAANoBw
From: "Sandrine Boulanger" <sandrine.boulanger@onstor.com>
To: "Larry Scheer" <larry.scheer@onstor.com>,
	"Tim Gardner" <tim.gardner@onstor.com>
Cc: "dl-Cougar" <dl-Cougar@onstor.com>

This is a multi-part message in MIME format.

------_=_NextPart_001_01C878D3.3490CEB6
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I wonder if any of these is used for our local NIS, in case we use this
instead of an external NIS server
g9r204 diag> localmap
  edit    Edit a NIS map file
  export  Export a NIS map file
  import  Import a NIS map file
  repair  Repair a NIS map file
_____________________________________________
From: Larry Scheer=20
Sent: Tuesday, February 26, 2008 3:49 PM
To: Tim Gardner
Cc: dl-Cougar
Subject: Using NIS on cougar and SSC configuration with yp

Tim,
   As asked I investigated the configuration of NIS (aka YP)  on cougar
because several QA systems are taking a long time to boot due to ypbind
failing. Here is a quick summary of what I found.

I set up the developer's root file system, intended for in-house use
only, to use the following pre-configured files:

etc/yp.conf
etc/nsswitch.conf
etc/defaultdomain
etc/resolv.conf

These files are included as parts of a "development" build when the root
file system is created or updated with make. The contents of these files
are set to work with the in-house NIS domain "agilestorage" and the
ONStor DNS services. This was done so developers can easily access their
accounts and storage on mightydog by using the automounter and NIS
services.

The root file system that is made for production use does not get these
files and ypbind does not start automatically at boot time on the SSC.

Removing the file /etc/defaultdomain will turn off the automatic start
of ypbind by the /etc/init.d/nis rc script.

If the file /etc/defaultdomain is present ypbind will try to start on
the cougar's SSC. If /etc/defaultdomain and/or yp.conf do not contain
either the domain name onstorlab or agilestorage, ypbind will fail to
start. Also if defaultdomain is set to agilestorage and there is no
default route ypbind will fail to start.

There may be some cougar systems in the lab that are miss-configured. I
have encountered some systems with their /etc/defaultdomain file set to
onstor.lab.=20

To log into a virtual server via a NIS account you must have LOGIN
privileges set in the cluster context. Example:

priv add allow user larrys@onstorlab LOGIN cluster

You also need to have your NIS domain set correctly and your virtual
server set to use that domain.

domain add nis onstorlab 10.3.0.4

vsvr set <virtual server>
vsvr disable
vsvr set domain nis onstorlab
vsvr enable

To test NIS login:
ssh -l 'user@nisdomain' <vsvr IP>
Example:
ssh -l 'larrys@onstorlab' 10.3.5.69

I was able to successfully log in to a virtual server on a cougar system
that had the "production" root file system and no ypbind running on the
SSC.

Larry



------_=_NextPart_001_01C878D3.3490CEB6
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
6.5.7653.38">
<TITLE>RE: Using NIS on cougar and SSC configuration with yp</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT COLOR=3D"#000080" SIZE=3D2 =
FACE=3D"Arial">I wonder if any of these is used for our local NIS, in =
case we use this</FONT></SPAN><SPAN LANG=3D"en-us"></SPAN><SPAN =
LANG=3D"en-us"> <FONT COLOR=3D"#000080" SIZE=3D2 =
FACE=3D"Arial">instead</FONT></SPAN><SPAN LANG=3D"en-us"></SPAN><SPAN =
LANG=3D"en-us"><FONT COLOR=3D"#000080" SIZE=3D2 FACE=3D"Arial"> of an =
external NIS server</FONT></SPAN><SPAN LANG=3D"en-us"></SPAN><SPAN =
LANG=3D"en-us"></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT COLOR=3D"#000080" SIZE=3D2 =
FACE=3D"Arial">g9r204 diag&gt; localmap</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT COLOR=3D"#000080" SIZE=3D2 =
FACE=3D"Arial">&nbsp; edit&nbsp;&nbsp;&nbsp; Edit a NIS map =
file</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT COLOR=3D"#000080" SIZE=3D2 =
FACE=3D"Arial">&nbsp; export&nbsp; Export a NIS map =
file</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT COLOR=3D"#000080" SIZE=3D2 =
FACE=3D"Arial">&nbsp; import&nbsp; Import a NIS map =
file</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT COLOR=3D"#000080" SIZE=3D2 =
FACE=3D"Arial">&nbsp; repair&nbsp; Repair a NIS map =
file</FONT></SPAN><SPAN LANG=3D"en-us"></SPAN><SPAN =
LANG=3D"en-us"></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Tahoma">_____________________________________________<BR>
</FONT></SPAN><SPAN LANG=3D"en-us"><B></B></SPAN><SPAN =
LANG=3D"en-us"><B><FONT SIZE=3D2 =
FACE=3D"Tahoma">From:</FONT></B></SPAN><SPAN LANG=3D"en-us"></SPAN><SPAN =
LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Tahoma"> Larry Scheer<BR>
</FONT></SPAN><SPAN LANG=3D"en-us"><B></B></SPAN><SPAN =
LANG=3D"en-us"><B><FONT SIZE=3D2 =
FACE=3D"Tahoma">Sent:</FONT></B></SPAN><SPAN LANG=3D"en-us"></SPAN><SPAN =
LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Tahoma"> Tuesday, February 26, =
2008 3:49 PM<BR>
</FONT></SPAN><SPAN LANG=3D"en-us"><B></B></SPAN><SPAN =
LANG=3D"en-us"><B><FONT SIZE=3D2 =
FACE=3D"Tahoma">To:</FONT></B></SPAN><SPAN LANG=3D"en-us"></SPAN><SPAN =
LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Tahoma"> Tim Gardner<BR>
</FONT></SPAN><SPAN LANG=3D"en-us"><B></B></SPAN><SPAN =
LANG=3D"en-us"><B><FONT SIZE=3D2 =
FACE=3D"Tahoma">Cc:</FONT></B></SPAN><SPAN LANG=3D"en-us"></SPAN><SPAN =
LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Tahoma"> dl-Cougar<BR>
</FONT></SPAN><SPAN LANG=3D"en-us"><B></B></SPAN><SPAN =
LANG=3D"en-us"><B><FONT SIZE=3D2 =
FACE=3D"Tahoma">Subject:</FONT></B></SPAN><SPAN =
LANG=3D"en-us"></SPAN><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Tahoma"> Using NIS on cougar and SSC configuration with =
yp</FONT></SPAN><SPAN LANG=3D"en-us"></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">Tim,</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">&nbsp;&nbsp; As asked I investigated the configuration of =
NIS (aka YP)&nbsp; on cougar because several QA systems are taking a =
long time to boot due to ypbind failing. Here is a quick summary of what =
I found.</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">I set =
up the developer&#8217;s root file system, intended for in-house use =
only, to use the following pre-configured files:</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">etc/yp.conf</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">etc/nsswitch.conf</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">etc/defaultdomain</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">etc/resolv.conf</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">These =
files are included as parts of a &#8220;development&#8221; build when =
the root file system is created or updated with make. The contents of =
these files are set to work with the in-house NIS domain =
&#8220;agilestorage&#8221; and the ONStor DNS services. This was done so =
developers can easily access their accounts and storage on mightydog by =
using the automounter and NIS services.</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">The =
root file system that is made for production use does not get these =
files and ypbind does not start automatically at boot time on the =
SSC.</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">Removing the file /etc/defaultdomain will turn off the =
automatic start of ypbind by the /etc/init.d/nis rc =
script.</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">If =
the file /etc/defaultdomain is present ypbind will try to start on the =
cougar&#8217;s SSC. If /etc/defaultdomain and/or yp.conf do not contain =
either the domain name onstorlab or agilestorage, ypbind will fail to =
start. Also if defaultdomain is set to agilestorage and there is no =
default route ypbind will fail to start.</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">There =
may be some cougar systems in the lab that are miss-configured. I have =
encountered some systems with their /etc/defaultdomain file set to =
onstor.lab. </FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">To =
log into a virtual server via a NIS account you must have LOGIN =
privileges set in the cluster context. Example:</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">priv =
add allow user larrys@onstorlab LOGIN cluster</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">You =
also need to have your NIS domain set correctly and your virtual server =
set to use that domain.</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">domain add nis onstorlab 10.3.0.4</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">vsvr =
set &lt;virtual server&gt;</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">vsvr =
disable</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">vsvr =
set domain nis onstorlab</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">vsvr =
enable</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">To =
test NIS login:</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">ssh =
-l 'user@nisdomain' &lt;vsvr IP&gt;</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">Example:</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">ssh =
-l 'larrys@onstorlab' 10.3.5.69</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 FACE=3D"Arial">I was =
able to successfully log in to a virtual server on a cougar system that =
had the &#8220;production&#8221; root file system and no ypbind running =
on the SSC.</FONT></SPAN></P>

<P ALIGN=3DLEFT><SPAN LANG=3D"en-us"><FONT SIZE=3D2 =
FACE=3D"Arial">Larry</FONT></SPAN></P>
<BR>

</BODY>
</HTML>
------_=_NextPart_001_01C878D3.3490CEB6--
