JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Naming and Directory Services (NIS+)
search filter icon
search icon

Document Information

Preface

Part I About Naming and Directory Services

1.  Name Service Switch

Part II NIS+ Setup and Configuration

2.  NIS+: An Introduction

3.  NIS+ Setup Scripts

4.  Configuring NIS+ With Scripts

5.  Setting Up the NIS+ Root Domain

6.  Configuring NIS+ Clients

7.  Configuring NIS+ Servers

8.  Configuring an NIS+ Non-Root Domain

9.  Setting Up NIS+ Tables

Part III NIS+ Administration

10.  NIS+ Tables and Information

11.  NIS+ Security Overview

12.  Administering NIS+ Credentials

13.  Administering NIS+ Keys

14.  Administering Enhanced NIS+ Security Credentials

Diffie-Hellman Extended Key

Transitioning NIS+ to a New Public Key-Based Security Mechanism

Configuring NIS+ Security Mechanisms

Creating New NIS+ Security Mechanism Credentials

New NIS+ Security Mechanism Credentials - Example

Adding New Keys to NIS+ Directory Objects

Adding New Public Keys to NIS+ Directory Objects - Example

Configuring NIS+ Servers to Accept New Security Mechanism Credentials

Configuring NIS+ Servers to Accept New Security Mechanism Credentials - Example

Configuring NIS+ Machines to Use New Security Mechanism Credentials

Configuring NIS+ Machines to Use New Security Mechanism Credentials - Examples

Manually Refresh NIS+ Directory Objects - Example NETNAMER

Changing the Password Protecting New NIS+ Credentials

Change Password Protecting New NIS+ Credentials - Example

Configuring NIS+ Servers to Accept Only New Security Mechanism Credentials

Configuring NIS+ Servers to Accept Only New Security Mechanism Credentials - Example

Removing Old Credentials From the NIS+ cred Table

Removing Old Credentials From the NIS+ cred Table - Example

15.  Administering NIS+ Access Rights

16.  Administering NIS+ Passwords

17.  Administering NIS+ Groups

18.  Administering NIS+ Directories

19.  Administering NIS+ Tables

20.  NIS+ Server Use Customization

21.  NIS+ Backup and Restore

22.  Removing NIS+

23.  Information in NIS+ Tables

24.  NIS+ Troubleshooting

A.  NIS+ Error Messages

About NIS+ Error Messages

Common NIS+ Namespace Error Messages

B.  Updates to NIS+ During the Solaris 10 Release

Solaris 10 and NIS+

Glossary

Index

Configuring NIS+ Servers to Accept New Security Mechanism Credentials

On each server, configure NIS+ authentication so that it accepts both the old and new credentials. This will require running nisauthconf(1m) and keylogin and restarting keyserv(1m). The keylogin command stores the keys for each mechanism in the /etc/.rootkey. See Keylogin With NIS+ for basic keylogin details.

Configuring NIS+ Servers to Accept New Security Mechanism Credentials – Example

In this example, the current authentication mechanism is des and the new mechanism is dh640-0. Note the ordering is significant here; any mechanisms after the des entry will be ignored for client and server NIS+ authentication.

server# nisauthconf dh640-0 des
server# keylogin -r
        (screen notices not shown)
server# /etc/reboot