Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Naming and Directory Services (NIS+) |
Part I About Naming and Directory Services
Part II NIS+ Setup and Configuration
4. Configuring NIS+ With Scripts
5. Setting Up the NIS+ Root Domain
8. Configuring an NIS+ Non-Root Domain
10. NIS+ Tables and Information
12. Administering NIS+ Credentials
14. Administering Enhanced NIS+ Security Credentials
Transitioning NIS+ to a New Public Key-Based Security Mechanism
Configuring NIS+ Security Mechanisms
Creating New NIS+ Security Mechanism Credentials
New NIS+ Security Mechanism Credentials - Example
Adding New Keys to NIS+ Directory Objects
Adding New Public Keys to NIS+ Directory Objects - Example
Configuring NIS+ Servers to Accept New Security Mechanism Credentials
Configuring NIS+ Servers to Accept New Security Mechanism Credentials - Example
Configuring NIS+ Machines to Use New Security Mechanism Credentials
Configuring NIS+ Machines to Use New Security Mechanism Credentials - Examples
Manually Refresh NIS+ Directory Objects - Example NETNAMER
Changing the Password Protecting New NIS+ Credentials
Change Password Protecting New NIS+ Credentials - Example
Configuring NIS+ Servers to Accept Only New Security Mechanism Credentials
Configuring NIS+ Servers to Accept Only New Security Mechanism Credentials - Example
Removing Old Credentials From the NIS+ cred Table
Removing Old Credentials From the NIS+ cred Table - Example
15. Administering NIS+ Access Rights
16. Administering NIS+ Passwords
18. Administering NIS+ Directories
20. NIS+ Server Use Customization
23. Information in NIS+ Tables
Common NIS+ Namespace Error Messages
On each server, configure NIS+ authentication so that it accepts both the old and new credentials. This will require running nisauthconf(1m) and keylogin and restarting keyserv(1m). The keylogin command stores the keys for each mechanism in the /etc/.rootkey. See Keylogin With NIS+ for basic keylogin details.
In this example, the current authentication mechanism is des and the new mechanism is dh640-0. Note the ordering is significant here; any mechanisms after the des entry will be ignored for client and server NIS+ authentication.
server# nisauthconf dh640-0 des server# keylogin -r (screen notices not shown) server# /etc/reboot