Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Help regarding NIS+
Operating Systems Solaris Help regarding NIS+ Post 302079311 by nitinkgoud on Sunday 9th of July 2006 02:48:47 AM
Old 07-09-2006
Question Help regarding NIS+
Hi Guys,
I have lots of doubts regarding NIS+.I also think by basics could be wrong......I am trying to pick up stuff from documents which are a bit murky. I am working on production environment so I am afraid of trial and error! Please help.

1) What is the difference between root domain master server and non root domain master server, are the tables for both of these servers same? (Considering /etc files on both of these were different)
2) What is Secure RPC password, and how is it secure as it is needed when ever we set up a NIS+ client?
3) Why do we add our self and other admins to admin group? And will our passwords remain same?
4) When any machine is added as NIS+ client should the IP of that machine be available in the hosts table on the server? If yes how do I do it? How do I add client IP to NIS+ server hosts table?
5) Also when a client is added a message appears “Your network and login passwords are now the same” what is the is the RPC password and root password for this client (considering that RPC password was XYZ and root password was ABC before nisclient script was run) and if the RPC password changes do we have to use this changed password when we initialize another client!
6) If we have 10 NIS+ clients have 10 different root passwords, do we also 10 different RPC password..........in other words dose the root password also act as RPC password for that particular client?
7) What is the exact meaning of “Initializing NIS+ client user”? Say I have a server S1 which has users U1,U2 do they have to run nisclient -u command individually and once again I suppose their passwords will become RPC passwords for the users( S1 is a NIS+ client of S2).
8) Also are these users U1 and U2 bound to server S1 only? (I.e. can they only login to S1 only?)
9) Say I have added another server S2 for webhosting and I have to add user X1....... He should only be able to able to log on to X1 only not to S1. This S2 server acts as NIS+ client of NIS+ server N1..........I think I have to nisclient -u command but where exactly on N1 or S2..........Also user X1 is a newuser and server S2 is just built from scratch so X1 is an unknown entity for S2. Is this possible in NIS+?
10) Is there any generic command to edit the NIS+ tables?

Are there any good documentation for newbie's like myself?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

NIS

Hello anyone... I am new to UNIX and I recently bought a Sparc 10 to play around with. Well, last night I executed something called EasyInstall in my /usr/etc/install directory and I selected to "Use NIS". Now when my system boots up it is looking for a NIS server to connect to and keep trying(... (5 Replies)
Discussion started by: jskillet
5 Replies

2. UNIX for Advanced & Expert Users

Solaris NIS+ and RedHat NIS+

Hello all, I'm not sure if this is the right forum, but I would like to know if Redhat running NIS ( not NIS +) would have conflict with Solaris running NIS+. Currently I am running NIS+ on Solaris but will be adding RedHat to the network. I seem to be unable to find and information regarding... (2 Replies)
Discussion started by: larry
2 Replies

3. IP Networking

differences nis nis+

Hello together. Is there someone who is able to explain me the differences between NIS and NIS+. thanks in advance joerg (2 Replies)
Discussion started by: joerg
2 Replies

4. UNIX for Dummies Questions & Answers

NIS map mail.aliases specified, but NIS not running

Hi all, I just took over the admin role from someone and I wanna setup sendmail (just to send mail from the host) however, after I config all the resolv.conf, nssitch.conf, hosts file and when I try to send a mail out, after I punched ctl-D, it returned he following, "NIS map mail.aliases... (2 Replies)
Discussion started by: stancwong
2 Replies

5. UNIX for Advanced & Expert Users

SUSE 9 and 10 NIS clients with RedHat 8.0 NIS server not working

We have a RedHat 8.0 NIS master, with a RedHat 8.0 NIS Slave. We also have a small number of SUSE 9.1 and SUSE 10 machines here for evaluation. However, no matter what i do, the SUSE machines will not talk to the NIS Servers. If i broadcast for NIS Servers for the specified NIS domain, it... (1 Reply)
Discussion started by: fishsponge
1 Replies

6. Solaris

nis

i want to dedicate my nis client system to some perticler group users. how can it possible on solaris. (0 Replies)
Discussion started by: nag.mi2000
0 Replies

7. Solaris

nis

hai any body send me the replay please. is it necessary to configure NFS , before configuring NIS on solaris9 or solaris10. (1 Reply)
Discussion started by: nag.mi2000
1 Replies

8. Solaris

How to configure a NIS client bound to the NIS server in another subnet?

Hi, all. I have a Solaris client here needs to bind to NIS server in another subnet. Following is the configuration i made on the client, 1) edit /etc/inet/hosts to add an entry of the NIS server -- nserver01 2) execute `domainname` to set local NIS domain to the domain of the NIS server.... (1 Reply)
Discussion started by: sn_wukong
1 Replies

9. Shell Programming and Scripting

Validating that the NIS and NIS+ services are disabled

I'm creating a scrip for auditing our AIX box's to ensure that they are built according to our system standards. I'm not sure on the logic for checking to see if the NIS and NIS+ services are disabled. any idea's? (2 Replies)
Discussion started by: sport
2 Replies

10. Red Hat

Need Help ON NIS

Hi, I am new to NIS, In my company need to create a user with admin rights and the user was created but he is unable to login. below are the difference i am getting for me and him. root@ abc]# getent passwd cric cric:x:60215:20059:a:/home/cric:/bin/csh # ypcat passwd | grep sam... (5 Replies)
Discussion started by: phanidhar6039
5 Replies

LEARN ABOUT PHP

nisclient

nisclient(1M)						  System Administration Commands					     nisclient(1M)

NAME

       nisclient - initialize NIS+ credentials for NIS+ principals

SYNOPSIS

       /usr/lib/nis/nisclient -c [-x] [-o] [-v] [-l <network_password>] [-d <NIS+_domain>] client_name...

       /usr/lib/nis/nisclient -i [-x] [-v] -h <NIS+_server_host> [-a <NIS+_server_addr>] [-k <key_domain>] [-d <NIS+_domain>] [-S 0 | 2]

       /usr/lib/nis/nisclient -u [-x] [-v]

       /usr/lib/nis/nisclient -r [-x]

DESCRIPTION

       The nisclient shell script can be used to:

	 o  create NIS+ credentials for hosts and users

	 o  initialize NIS+ hosts and users

	 o  restore the network service environment

       NIS+ credentials are used to provide authentication information of NIS+ clients to NIS+ service.

       Use  the  first synopsis (-c option) to create individual NIS+ credentials for hosts or users. You must be logged in as a NIS+ principal in
       the domain for which you are creating the new credentials. You must also have write permission to the local "cred" table.  The  client_name
       argument  accepts  any  valid  host or user name in the NIS+ domain (for example, the client_name must exist in the hosts or passwd table).
       nisclient verifies each client_name against both the host and passwd tables, then adds the proper NIS+ credentials for hosts or users. Note
       that  if  you  are creating NIS+ credentials outside of your local domain, the host or user must exist in the host or passwd tables in both
       the local and remote domains.

       By default, nisclient will not overwrite existing entries in the credential table for the hosts and users specified. To overwrite, use  the
       -o  option.  After  the credentials have been created, nisclient will print the command that must be executed on the client machine to ini-
       tialize the host or the user. The -c option requires a network password for the client which is used to encrypt	the  secret  key  for  the
       client.	You can either specify it on the command line with the -l option or the script will prompt you for it. You can change this network
       password later with passwd(1) or chkey(1).

       nisclient -c is not intended to be used to create NIS+ credentials for all users and hosts which  are  defined  in  the	passwd	and  hosts
       tables. To define credentials for all users and hosts, use nispopulate(1M).

       Use  the  second  synopsis (-i option) to initialize a NIS+ client machine. The -i option can be used to convert machines to use NIS+ or to
       change the machine's domainname. You must be logged in as super-user on the machine that is to become a	NIS+  client.  Your  administrator
       must  have  already  created  the NIS+ credential for this host by using nisclient -c or nispopulate -C. You will need the network password
       your administrator created. nisclient will prompt you for the network password to decrypt your secret key and then for this machine's  root
       login  password	to  generate a new set of secret/public keys. If the NIS+ credential was created by your administrator using nisclient -c,
       then you can simply use the initialization command that was printed by the nisclient script to initialize this host instead  of	typing	it
       manually.

       To initialize an unauthenticated NIS+ client machine, use the -i option with -S 0. With these options, the nisclient -i option will not ask
       for any passwords.

       During the client initialization process, files that are being modified are backed up as files.no_nisplus. The files that are usually modi-
       fied   during   a   client   initialization   are:   /etc/defaultdomain,   /etc/nsswitch.conf,	/etc/inet/hosts,   and,   if   it  exists,
       /var/nis/NIS_COLD_START. Notice that a file will not be saved if a backup file already exists.

       The -i option does not set up a NIS+ client to resolve hostnames using DNS. Please refer to the DNS documentation for information  on  set-
       ting up DNS. (See resolv.conf(4)).

       It is not necessary to initialize either NIS+ root master servers or machines that were installed as NIS+ clients using suninstall(1M).

       Use  the  third	synopsis  (-u  option) to initialize a NIS+ user. You must be logged in as the user on a NIS+ client machine in the domain
       where your NIS+ credentials have been created. Your administrator should have already created the NIS+ credential for your  username  using
       nisclient  -c  or  nispopulate(1M). You will need the network password your administrator used to create the NIS+ credential for your user-
       name. nisclient will prompt you for this network password to decrypt your secret key and then for your login password to generate a new set
       of secret/public keys.

       Use the fourth synopsis (-r option) to restore the network service environment to whatever you were using before nisclient -i was executed.
       You must be logged in as super-user on the machine that is to be restored. The restore will only work if the machine was  initialized  with
       nisclient -i because it uses the backup files created by the -i option.

       Reboot the machine after initializing a machine or restoring the network service.

OPTIONS

       The following options are supported:

       -a <NIS+_server_addr>   Specifies the IP address for the NIS+ server. This option is used only with the -i option.

       -c		       Adds DES credentials for NIS+ principals.

       -d <NIS+_domain>        Specifies  the  NIS+  domain where the credential should be created when used in conjunction with the -c option. It
			       specifies the name for the new NIS+ domain when used in conjunction with the -i option. The default is your current
			       domainname.

       -h <NIS+_server_host>   Specifies the NIS+ server's hostname. This option is used only with the -i option.

       -i		       Initializes a NIS+ client machine.

       -l <network_password>   Specifies  the network password for the clients. This option is used only with the -c option. If this option is not
			       specified, the script will prompt you for the network password.

       -k  <key_domain>        This option specifies the domain where root's credentials are stored. If a domain is not specified, then the system
			       default domain is assumed.

       -o		       Overwrites existing credential entries. The default is not to overwrite. This is used only with the -c option.

       -r		       Restores the network service environment.

       -S 0|2		       Specifies  the  authentication level for the NIS+ client. Level 0 is for unauthenticated clients and level 2 is for
			       authenticated (DES) clients. The default is to set up with level 2 authentication. This is used only  with  the	-i
			       option.	nisclient  always  uses  level 2 authentication (DES) for both -c and -u options.  There is no need to run
			       nisclient with -u and -c for level 0 authentication. To configure authentication mechanisms other than DES at secu-
			       rity level 2, use nisauthconf(1M) before running nisclient.

       -u		       Initializes a NIS+ user.

       -v		       Runs the script in verbose mode.

       -x		       Turns the "echo" mode on. The script just prints the commands that it would have executed. Notice that the commands
			       are not actually executed. The default is off.

EXAMPLES

       Example 1: Adding the DES Credential in the Local Domain

       To add the DES credential for host sunws and user fred in the local domain:

       example% /usr/lib/nis/nisclient -c sunws fred

       Example 2: Adding the DES Credential in a Specified Domain

       To add the DES credential for host sunws and user fred in domain xyz.example.com.:

       example% /usr/lib/nis/nisclient -c -d xyz.example.com. sunws fred

       Example 3: Initializing the Host in a Specific Domain

       To initialize host sunws as a NIS+ client in domain xyz.example.com. where nisplus_server is a server for the domain xyz.example.com.:

       example# /usr/lib/nis/nisclient -i -h nisplus_server -d xyz.example.com

       The script will prompt you for the IP address of nisplus_server if the server is not found in the /etc/hosts file. The -d option is  needed
       only if your current domain name is different from the new domain name.

       Example 4: Initializing the Host as an Unauthenticated Client in a Specific Domain

       To  initialize  host  sunws  as	an  unauthenticated NIS+ client in domain xyz.example.com. where nisplus_server is a server for the domain
       xyz.example.com:

       example# /usr/lib/nis/nisclient -i -S 0 
	  -h nisplus_server -d xyz.example.com. -a 172.16.44.1

       Example 5: Initializing the User as a NIS+ principal

       To initialize user fred as a NIS+ principal, log in as user fred on a NIS+ client machine.

       example% /usr/lib/nis/nisclient -u

FILES

       /var/nis/NIS_COLD_START	       This file contains a list of servers, their transport addresses, and their  Secure  RPC	public	keys  that
				       serve the machines default domain.

       /etc/defaultdomain	       The system default domainname.

       /etc/nsswitch.conf	       Configuration file for the name-service switch.

       /etc/inet/hosts		       Local host name database.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWnisu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       chkey(1), keylogin(1), nis+(1), passwd(1), keyserv(1M), nisaddcred(1M), nisauthconf(1M), nisinit(1M), nispopulate(1M), suninstall(1M), nss-
       witch.conf(4), resolv.conf(4), attributes(5)

NOTES

       NIS+ might not be supported in future releases of the SolarisTM Operating Environment. Tools to aid the migration from  NIS+  to  LDAP  are
       available in the Solaris 9 operating environment. For more information, visit http://www.sun.com/directory/nisplus/transition.html.

SunOS 5.10							    12 Dec 2001 						     nisclient(1M)
All times are GMT -4. The time now is 02:27 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy