Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Naming and Directory Services (NIS+) |
Part I About Naming and Directory Services
Part II NIS+ Setup and Configuration
4. Configuring NIS+ With Scripts
5. Setting Up the NIS+ Root Domain
8. Configuring an NIS+ Non-Root Domain
10. NIS+ Tables and Information
12. Administering NIS+ Credentials
NIS+ Credentials and Credential Information
NIS+ Authentication Components
How NIS+ Principals Are Authenticated
NIS+ Credentials Preparation Phase
NIS+ Login Phase - Detailed Description
NIS+ Request Phase - Detailed Description
DES Credential Secure RPC Netname
DES Credential Verification Field in NIS+
How the DES Credential in NIS+ Is Generated
Secure RPC Passwords and the Login Password Problem in NIS+
Cached Public Keys Problems in NIS+
Where Credential-Related Information Is Stored in NIS+
Creating NIS+ Credential Information
NIS+ Credential-Related Commands
How nisaddcred Creates NIS+ Credential Information
LOCAL NIS+ Credential Information
DES Credential Information in NIS+
Secure RPC Netname and NIS+ Principal Name
Creating NIS+ Credential Information for the Administrator
Creating Credential Information for NIS+ Principals
For NIS+ User Principals - Example
Using a Dummy Password and chkey in NIS+ - Example
Creating Credential Information in Another NIS+ Domain - Example
Administering NIS+ Credential Information
Updating Your Own NIS+ Credential Information
Removing NIS+ Credential Information
14. Administering Enhanced NIS+ Security Credentials
15. Administering NIS+ Access Rights
16. Administering NIS+ Passwords
18. Administering NIS+ Directories
20. NIS+ Server Use Customization
23. Information in NIS+ Tables
Common NIS+ Namespace Error Messages
Credential information for principals is stored in a cred table. The cred table is one of the 16 standard NIS+ tables. Each domain has one cred table, which stores the credential information of client machines that belong to that domain and client users who are allowed to log into them. (In other words, the principals of that domain.) The cred tables are located in their domains' org_dir subdirectory.
Caution - Never link a cred table. Each org_dir directory must have its own cred table. Never use a link to some other org_dir cred table. |
For users, the cred table stores LOCAL credential information for all users who are allowed to log into any of the machines in the domain. The cred table also stores DES credential information for those users that have the domain as their home domain.
You can view the contents of a cred table with the niscat command, described in Chapter 19, Administering NIS+ Tables.
The cred table, as shown in Table 12-3, has five columns.
Table 12-3 NIS+ cred Table Credential Information
|
The Authentication Type column, determines the types of values found in the other four columns.
LOCAL. If the authentication type is LOCAL, the other columns contain a principal user's name, UID, and GID; the last column is empty.
DES. If the authentication type is DES, the other columns contain a principal's name, Secure RPC netname, public key, and encrypted private key. These keys are used in conjunction with other information to encrypt and decrypt a DES credential.