3.4.4 About NIS Authentication

NIS stores administrative information such as user names, passwords, and host names on a centralized server. Client systems on the network can access this common data. This configuration allows to move from machine to machine without having to remember different passwords and copy data from one machine to another. Storing administrative information centrally, and providing a means of accessing it from networked systems, also ensures the consistency of that data. NIS also reduces the overhead of maintaining administration files such as /etc/passwd on each system.

A network of NIS systems is a NIS domain. Each system within the domain has the same NIS domain name, which is different from a DNS domain name. The DNS domain is used throughout the Internet to refer to a group of systems. A NIS domain is used to identify systems that use files on a NIS server. A NIS domain must have exactly one master server but can have multiple slave servers.

To be able to configure NIS authentication, use yum to install the yp-tools and ypbind packages.

If you use the Authentication Configuration GUI and select NIS as the user account database, you are prompted to enter the names of the NIS Domain and the NIS master server.

You can configure NIS to use either NIS authentication or Kerberos authentication.

Warning

NIS authentication is deprecated as it has security issues, including a lack of protection of authentication data.

For information about using Kerberos authentication with NIS, see Section 3.4.6, “About Kerberos Authentication”.