Home -- Tutorials -- Quickies -- Manual Pages -- Search -- Feedback -- About The Site -- Forum
Setting up NIS/yp on FreeBSD
 added 1.26.1999 -- written by Ted Wisniewski
Article Description: Want to have centralized user and password databases? This is what NIS/yp is for. This article will help you to set up NIS as a master or slave server.
The first step is to set the NIS domain in the /etc/rc.conf file.

  • Look for the line similar to the one below, initially it is set to


    • nisdomainname="NO".

    Change it to (where 'mynisdomain' is what you want the name of your NIS domain to be):

    nisdomainname="mynisdomain"

  • Now, reboot the machine.


    • Setting up a Server:

  • Upon boot-up, log in as root.
  • cd /var/yp

  • cp Makefile.dist Makefile

  • Either make a copy of /etc/master.passwd to /var/yp or make a sym-link to /etc/master.passwd; The choice is yours, I recommend making a copy end taking out all the "admin" users.

  • In the /var/yp directory, create a file called "ypservers" and put names of all servers that will be served by this "NIS Server" (you should not include the local machine) each machine on a line by itself.

  • Uncomment the line for "nis" in /etc/host.conf

  • add entries in /etc/hosts for each client/slave server; this will make it so NIS does not depend on DNS servers to work. (generally a good idea).

  • vi Makefile


    • (now you will have to make any changes to this file before running "make")

    Since I wanted the machine to be a server, I commented out the "NOPUSH" line.

  • run "make"

  • I assume no error messages occur, and, if this is the case, continue.

  • Let's assume you want the server also to be a client. (vi /etc/rc.conf) Plug your NIS domain in for "mynisdomain" and your local hostname in for "hostname".


    • nis_client_enable="YES"
    nis_client_flags="-S mynisdomain,hostname"

  • Leave this alone.


    • nis_ypset_enable="NO"
    nis_ypset_flags=""

  • Since we are a server, turn this on.


    • nis_server_enable="YES"
    nis_server_flags=""

  • And this too.


    • nis_ypxfrd_enable="YES"
    nis_ypxfrd_flags=""

  • Since we are the primary server... We need the passwd server.


    • nis_yppasswdd_enable="YES" and tell it where the master password file that we are using is located.

    nis_yppasswdd_flags="-t /var/yp/master.passwd"

  • do a "vipw" and add "+:::::::::" as the last line in the file; add a similar entry to the end of /etc/group.

  • reboot the machine.


    • Setting up a NIS Slave Server:

  • Set the NIS domain in /etc/rc.conf, an example is below; Note: The domain must be the same as the server.


    • nisdomainname="mynisdomain"

  • We are a client.


    • nis_client_enable="YES"
    nis_client_flags="-S mynisdomain,hostname"
    ** hostname is your hostname

  • Do not change this:


    • nis_ypset_enable="NO"
    nis_ypset_flags=""

  • We are also a server:


    • nis_server_enable="YES"
    nis_server_flags=""

  • Since we are also a server, we do want to get the updates from the master.


    • nis_ypxfrd_enable="YES"
    nis_ypxfrd_flags=""

  • Since we are not the primary server, we do not run the passwdd.


    • nis_yppasswdd_enable="NO"
    nis_yppasswdd_flags=""

  • do a "vipw" and add "+:::::::::" as the last line in the file; add a similar entry to the end of /etc/group.

  • Add entries for ALL NIS master servers to /etc/hosts.

  • Uncomment the "nis" line in /etc/host.conf

  • Make the directory "/var/yp/domainname"
    where domainname is the one you specified in /etc/rc.conf
    (same domain as the server).

  • reboot the machine.

  • force a YPXFR the first time, and from then on it will be automatic.


    • ** nisdomain is assumed to be "mynisdomain"
    ** Master server is "servermachine"

    Here are the commands to force it:

    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain group.bygid
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain group.byname
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain hosts.byaddr
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain hosts.byname
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain master.passwd.byuid
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain master.passwd.byname
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain netid.byname
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain networks.byname
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain networks.byaddr
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain passwd.byuid
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain passwd.byname
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain protocols.byname
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain protocols.bynumber
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain rpc.byname
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain rpc.bynumber
    ypxfr -f -d mynisdomain -h servermachine -s mynisdomain ypservers
    © Copyright 1998-2012 VANGEYN.Net, unless otherwise noted.