JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Naming and Directory Services (NIS+)
search filter icon
search icon

Document Information

Preface

Part I About Naming and Directory Services

1.  Name Service Switch

Part II NIS+ Setup and Configuration

2.  NIS+: An Introduction

3.  NIS+ Setup Scripts

4.  Configuring NIS+ With Scripts

5.  Setting Up the NIS+ Root Domain

Introduction to NIS+ Root Domain Configuration

Standard Configuration and NIS-Compatible NIS+ Configuration Procedures

Establishing the NIS+ Root Domain

Summary of NIS+ Configuration Steps

NIS+ Security Considerations

Prerequisites to Establishing an NIS+ Root Domain

How to Configure an NIS+ Root Domain

NIS+ Root Domain Configuration Summary

6.  Configuring NIS+ Clients

7.  Configuring NIS+ Servers

8.  Configuring an NIS+ Non-Root Domain

9.  Setting Up NIS+ Tables

Part III NIS+ Administration

10.  NIS+ Tables and Information

11.  NIS+ Security Overview

12.  Administering NIS+ Credentials

13.  Administering NIS+ Keys

14.  Administering Enhanced NIS+ Security Credentials

15.  Administering NIS+ Access Rights

16.  Administering NIS+ Passwords

17.  Administering NIS+ Groups

18.  Administering NIS+ Directories

19.  Administering NIS+ Tables

20.  NIS+ Server Use Customization

21.  NIS+ Backup and Restore

22.  Removing NIS+

23.  Information in NIS+ Tables

24.  NIS+ Troubleshooting

A.  NIS+ Error Messages

About NIS+ Error Messages

Common NIS+ Namespace Error Messages

B.  Updates to NIS+ During the Solaris 10 Release

Solaris 10 and NIS+

Glossary

Index

NIS+ Root Domain Configuration Summary

Table 5-1 summarizes the steps required to configure a root domain. The summary assumes a simple case. Be sure you are familiar with the complete task descriptions before you use this summary as a reference. This summary does not show the server's responses to each command.

Table 5-1 Setting Up an NIS+ Root Domain: Action Summary

Tasks
Actions
Log in as superuser to rootmaster.
rootmaster% su

Password:

Check domain name.
# domainname
Check Switch file.
# more /etc/nsswitch.conf
[Optional] Configure Diffie-Hellman key length.
# nisauthconf dh640-0 des
Restart nscd if the switch file was modified.
# svcadm restart /system/name-service-cache
Remove /etc/.rootkey and restart keyserv.
# svcadm disable /network/rpc/keyserv

# rm -f /etc/.rootkey

# svcadm enable /network/rpc/keyserv

Stop NIS+ services.
# svcadm disable /network/rpc/nisplus
Remove leftover NIS+ material.
# rm -rf /var/nis*
Name the admin group.
# NIS_GROUP=admin.doc.com.; export NIS_GROUP
Initialize the root master.
# nisinit -r
[NIS-compat only]

Start the daemon with the -S 0 and -Y options.

Edit the /lib/svc/method/nisplus file to add the -S 0 and -Y options, then restart the service, as follows.
# svcadm restart network/rpc/nisplus
[NIS+ Only]

Start daemon with -S 0.

Edit the /lib/svc/method/nisplus file to add the -S 0 option, then enable the service, as follows.

# svcadm enable network/rpc/nisplus

Verify creation of root objects.
# ls -l /var/nis/data

# niscat -o doc.com.

Create org_dir and groups_dir tables.
# /usr/lib/nis/nissetup [-Y]
Create DES credentials for root master.
# nisaddcred des

Enter login password:

Create admin group.
# nisgrpadm -c admin.doc.com.
Assign full group rights to root directory.
# nischmod g+rmcd doc.com.
Add rootmaster to admin group.
# nisgrpadm -a admin.doc.com. rootmaster.doc.com.
Update root directory's keys. Update org_dir's keys. Update groups_dir's keys.
# /usr/lib/nis/nisupdkeys doc.com.

# /usr/lib/nis/nisupdkeys org_dir.doc.com.

# /usr/lib/nis/nisupdkeys groups_dir.doc.com.

Restart the NIS+ service.
# svcadm restart network/rpc/nisplus
Add your LOCAL credentials.
# nisaddcred -p 11177 -P topadmin.doc.com. local
Add your DES credentials.
# nisaddcred -p unix.11177@doc.com -P topadmin.doc.com. des

Enter login password:

Add credentials for other admins.
# nisaddcred ...
Add other admins to admin group.
# nisgrpadm -a admin.doc.com members
Allocate swap space.
# /usr/lib/nis/nisstat