Skip to content

Authentication

  • FreeIPA — Provides LDAP and Kerberos setup for Linux. Note that Ubuntu 20.10 comes with native support for LDAP for authentication.

LDAP

Kerberos

  • Can be used with either NIS or LDAP for single sign-on.

Additional resources

NIS

Tip

NIS is generally considered to be outdated and obsolete. It is not recommended for production deployments. Use something like LDAP instead.

Files that need to be updated

  • /etc/yp.conf — This is where ypserver is set.
  • /etc/hosts.conf — Had an obsolete order keyword which allows you to select in which order you process hostnames.
  • /etc/nsswitch.conf — Default file for domain name resolution.
  • /etc/network/interfaces — Static IP address and DNS nameserver.
  • /etc/passwd — Add +:::::: at the bottom to sync all users. Individual users can be whitelisted or blacklisted using +username:::::: or -username::::::, respectively.
  • /etc/group — Add +::: at the bottom to sync all groups.
  • /etc/shadow — Add +:::::: at the bottom to sync user passwords.

System daemons

  • dnsmasq — Listens on port 53 for requests.

System commands

# Start portmap
sudo service portmap start

# Start NIS client
sudo service ypbind Start

Additional resources