Shulou(Shulou.com)06/01 Report--

This article mainly introduces the operation and maintenance staff how to modify the web server password in batches, the article is very detailed, has a certain reference value, interested friends must read it!

As an operation and maintenance staff, sometimes we need to change the password in batches to the web server we are responsible for. If we change the password one by one, it will be relatively troublesome, so here we can use the NIS account for unified authentication.

We assume that there is an account master server to manage the accounts of all hosts in the domain. When other hosts have the need to log in, they come to this master server to ask for relevant account numbers, passwords and other user information. In this way, if you want to add, modify or delete user data, just go to this master server to deal with it. In this way, you can reduce the steps of repeatedly setting up user accounts!

NIS=Network Information Service network information service

Network Information Service should be called SunYellow Pages (yp for short) at the earliest.

Configure NIS server for centralized authentication

NIS is ypserv; S mode, server program software name, ypserv; client program software name, ypbind, client tool is yp-tools (yppasswd)

Experimental environment:

XueGod63 (Server) = XueGod64 (Client)

Server and client software installation

Server:

[root@XueGod63 ~] # yum install ypserv / / NIS Service main package

Client:

[root@XueGod64 ~] # yum install ypbind-y / / NIS client, ypbind process package

[root@XueGod64 ~] # yum install-y yp-tools rpcbind

/ / NIS client tools, such as the yppasswd command

Server-related configuration files:

/ etc/ypserv.conf / / NIS server master configuration file, which can control whether NIS clients can access the NIS server (in short, ACL is configured)

/ etc/hosts / / IP- host corresponding records. If there is no DNS system, hosts needs to store the records of each NIS client host.

NIS Server configuration can log in users

[root@XueGod63 ~] # mkdir / home/NISHOME / / can be generated directly under home without building it

[root@XueGod63] # useradd-d / home/NISHOME/nisuser1 nisuser1

[root@XueGod63] # useradd-d / home/NISHOME/nisuser2-s / sbin/nologinnisuser2

/ / Test user, which is used to test whether this account can be used to log in to other systems

[root@XueGod63 ~] # echo nisuser1:123456 | chpasswd

[root@XueGod63 ~] # echo nisuser2:123456 | chpasswd

NIS domain name configuration

[root@XueGod63 ~] # nisdomainname / / NIS Domain name View Command (provided by net-tools)

[root@XueGod63 ~] # vim/etc/sysconfig/network / / modify the configuration file, which is in effect permanently

NETWORKING=yes

HOSTNAME=XueGod63

GATEWAY=192.168.1.254

NTPSERVERARGS=iburst

NISDOMAIN=XueGod.cn # NIS domain name, not NISDOMAINNAME. Restart takes effect.

[root@XueGod63 ~] # nisdomainnameXueGod.cn / / you can also use this command, which is temporarily valid, similar to the hostname command

[root@XueGod63 ~] # nisdomainname

XueGod.cn

Server Hosts file configuration

[root@XueGod63 ~] # vim / etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

:: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.1.63 XueGod63 # add all NIS clients, including yourself (NIS Server)

192.168.1.64 XueGod64

Ypserv.conf main profile configuration

The main function of the ypserv.conf configuration file is to allow those Server to connect to the NIS Server, which allows all intranet clients to

Connect to the NIS server, but all other clients refuse to connect

[root@XueGod63 ~] # vim / etc/ypserv.conf

# generally speaking, you can set it to the following appearance according to our domain, that is, the three lines added in the experiment

# Host: Domain: Map: Security

127.0.0.1 none 255.0.0.. 0: *: *:

192.168.1.0 none 255.255.255.0: *: *

*: *: deny

Establish NIS database

[root@XueGod63 ~] # service ypserv start

/ / to start the ypserv service, otherwise the NIS database cannot be established

Starting YP server services: [OK]..

[root@XueGod63~] # / etc/init.d/rpcbind restart. [OK]

[root@XueGod63 ~] # / usr/lib64/yp/ypinit-m / / create a database (this command requires an absolute path)

[root@XueGod63] # / usr/lib64/yp/ypinit-m

Enter your own host

Start the NIS service

[root@XueGod63 ~] # / etc/init.d/ypserv restart

[root@XueGod63 ~] # / etc/init.d/yppasswddrestart / / otherwise adding new data will not take effect

[root@XueGod63 ~] # chkconfig ypservon

[root@XueGod63 ~] # chkconfig yppasswdd on

Configure client to join NIS domain

[root@XueGod64 ~] # yum install-y ypbind yp-tools rpcbind / / these two tools have been installed previously

/ etc/init.d/rpcbind start

Starting rpcbind: [OK]

[root@XueGod64 ~] # system-config-authentication / / this command requires the support of the graphical interface. Fill in the figure below.

After clicking Apply

Starting NIS service: [OK]

Binding NIS service:. [OK]

You can now test whether to log in with nisuser1

[root@XueGod63 ~] # sshnisuser1@192.168.1.64 / / Test Telnet on XueGod63

All right, as long as you can log in, you can use it.

The above is all the contents of the article "how to modify the password of web server in batches". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.