NIS+ is a directory service developed by Sun Microsystems, Inc. to replace the Network Information Service (NIS). NIS+ does not require duplication of configuration files; instead, a central repository on the main server is used, which simplifies administration. NIS+ was ported from Solaris to other Unix-like systems, including Linux.
Introduction to NIS+
NIS+ stands for Network Information Service Plus. It was designed to replace NIS, and is the default name service in Solaris. NIS+ can provide limited support for NIS clients through its YP compatibility mode. NIS+ was designed to overcome problems that NIS did not solve.
It is important to note that there is no particular connection between NIS+ and NIS. The set of commands and the general structure of NIS+ differ from those of NIS, and the command syntax is different as well. NIS+ was designed from scratch.
NIS+ offers a higher level of security through the use of an additional authentication method. Users still have a standard login password, which gives them access to the system. In addition, they have a Secure RPC password, also called the network password. (Network passwords are stored as encrypted entries in the NIS+ table called 'cred' and are referred to as 'credentials'.) This additional password is required for actual access to NIS+, and it is what provides the added level of security.
Typically, a user's login password and network password match, and the user automatically has access to all NIS+ functionality after logging in. However, if they are different, the user has to run the keylogin command and enter the network password in order to access NIS+.
There are a large number of programs related to NIS+. The most important are covered in this document. For a more detailed introduction to the NIS+ commands, read the AnswerBook or the man pages.
The NIS+ daemons deserve special mention:
rpc.nisd and nis_cachemgr are the standard NIS+ daemons. They must run on every NIS+ server and client.
The Network Management Problem
In the 1970s, when computers were expensive and networks consisted of only a few machines, there was no need for a centralized administration system. But as computers fell in price, networks began to grow, and it became many times more difficult to maintain separate copies of the network configuration on each machine on the network.
For example, if a new user or computer was added to the network, it was necessary to update the following files on each of the computers already existing on the network:
| File | Sample content | Info |
|---|---|---|
| /etc/passwd | numiri:x:37:4:Sebastian Nguyen:/home/numiri | username, home directory, ... |
| /etc/shadow | numiri:1AD3ioUMlkj234k: | encrypted password |
| /etc/group | student:4: | user access role |
| /etc/hosts | 192.168.1.25 colossus | computer on the network |
If a new user appeared in the network of 20 machines, the administrator had to change all 5 files on 21 computers or 105 files in total. With NIS+, adding a user or computer to the network only requires changes to the NIS+ server tables and specifying the path to the NIS+ server on the new computer.
Basics of NIS+ Objects
NIS+ objects are the structural elements used to build and define the NIS+ namespace. There are 5 basic NIS+ objects. The components of an object name are always separated by dots.
Directory Objects: These resemble directories in the UNIX file system in that they may contain one or more objects such as tables, groups, individual entries or links. Directory objects form an inverted tree in which the root domain is at the top and the subdomain branches extend toward the bottom. They are used to divide the NIS+ namespace into different parts. Each domain's directory object contains the directories org_dir and groups_dir: org_dir holds the table objects for the domain, and groups_dir holds the objects of its NIS+ administrative groups.
An example of a directory object:
Sun.Com.
org_dir.Sun.Com.
groups_dir.Sun.Com.
Table Objects: These are similar to NIS tables (maps). They store various information about the network. Tables can contain zero or more record objects; record objects form the rows of a table. There are 17 predefined table objects. Tables can be administered using the 'nistbladm' or 'nisaddent' commands.
Example of a table object:
passwd.org_dir.Sun.Com.
hosts.org_dir.Sun.Com.
Example of a record object:
[name=user1],passwd.org_dir.Sun.Com.
Group Objects: These are groups of users who administer the NIS+ namespace. They grant the right to modify NIS+ objects on a group basis. Groups are administered using the 'nisgrpadm' command.
Sample group object:
admin.groups_dir.Sun.Com.
Reference Objects: These are pointers to other objects, much like symbolic links in a file system. They usually point to a table or to an entry in a table, and are administered using the 'nisln' command.
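The naming rules above, as an added example that is not part of the original page or of Solaris: a Python parser that classifies a fully qualified NIS+ name as a directory, table, record (entry) or group from its position relative to org_dir and groups_dir. The function and type names are hypothetical, and reference objects are not covered.

```python
import re
from typing import NamedTuple

class NisPlusName(NamedTuple):
    kind: str       # "entry", "table", "group" or "directory"
    criteria: dict  # column -> value, filled only for entry names
    obj: str        # leftmost label: the table, group or directory
    domain: str     # owning domain, with its trailing dot

# Record names look like "[column=value,...],table-name"
_INDEXED = re.compile(r"^\[([^\]]*)\]\s*,\s*(.+)$")
_CONTAINERS = {"org_dir": "table", "groups_dir": "group"}

def parse_name(name: str) -> NisPlusName:
    """Hypothetical helper: classify a fully qualified NIS+ name."""
    name = name.strip()
    criteria = {}
    indexed = _INDEXED.match(name)
    if indexed:
        for pair in filter(str.strip, indexed.group(1).split(",")):
            column, sep, value = pair.partition("=")
            if not sep or not column.strip():
                raise ValueError(f"bad search criterion: {pair!r}")
            criteria[column.strip()] = value.strip()
        name = indexed.group(2)
    if not name.endswith("."):
        raise ValueError(f"not fully qualified (no trailing dot): {name!r}")
    labels = name[:-1].split(".")
    if not all(labels):
        raise ValueError(f"empty label in {name!r}")
    first = labels[0].lower()
    parent = labels[1].lower() if len(labels) > 2 else ""
    if parent in _CONTAINERS:        # object stored under org_dir/groups_dir
        kind, domain = _CONTAINERS[parent], labels[2:]
    elif first in _CONTAINERS and len(labels) > 1:  # the container itself
        kind, domain = "directory", labels[1:]
    else:                            # a domain's own directory object
        kind, domain = "directory", labels
    if indexed:
        if kind != "table":
            raise ValueError("a record name must point into a table")
        kind = "entry"
    return NisPlusName(kind, criteria, labels[0], ".".join(domain) + ".")

if __name__ == "__main__":
    # Sample names taken from the examples on this page
    for sample in ("Sun.Com.", "org_dir.Sun.Com.", "passwd.org_dir.Sun.Com.",
                   "[name=user1],passwd.org_dir.Sun.Com.", "admin.groups_dir.Sun.Com."):
        print(parse_name(sample))
```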
Setup Example
On the NIS+ server
1. Copy all files to your working directory and modify them as necessary, e.g. passwd, shadow, group, hosts, auto_home, auto_master
-> cp /etc/passwd ~admin/maps
2. Make sure that every server file system referenced in the tables, for example in auto_home, is shared in /etc/dfs/dfstab. Do not forget to run
-> svcadm enable network/nfs/server
after the file has been modified.
3. Define your NIS+ domain in /etc/defaultdomain
4. Ensure that the NIS+ executable files from /usr/lib/nis are in your PATH
5. Initialize the server
-> nisserver -r
6. Reboot