JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Working With Naming and Directory Services in Oracle Solaris 11.1     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

Part I About Naming and Directory Services

1.  Naming and Directory Services (Overview)

2.  Name Service Switch (Overview)

3.  Managing DNS (Tasks)

4.  Setting Up Oracle Solaris Active Directory Clients (Tasks)

Part II NIS Setup and Administration

5.  Network Information Service (Overview)

6.  Setting Up and Configuring NIS (Tasks)

7.  Administering NIS (Tasks)

Password Files and Namespace Security

Administering NIS Users

How to Add a New NIS User to an NIS Domain

Setting User Passwords

NIS Netgroups

Working With NIS Maps

Obtaining Map Information

Changing a Map's Master Server

How to Change a Map's Master Server

Modifying Configuration Files

How to Modify Configuration Files

Modifying and Using /var/yp/Makefile

Working With the Makefile

Changing Makefile Macros/Variables

Modifying Makefile Entries

How to Modify /var/yp/Makefile to Use Specific Databases

How to Modify the Makefile to Delete Databases

Updating and Modifying Existing Maps

How to Update Maps Supplied With the Default Set

Maintaining Updated Maps

Propagating an NIS Map

Using the cron Command for Map Transfers

Using Shell Scripts With cron and ypxfr

Directly Invoking the ypxfr Command

Logging ypxfr Activity

Modifying Non-Default Maps

Using the makedbm Command to Modify a Non-Default Map

Creating New Maps From Text Files

Adding Entries to a File-Based Map

Creating Maps From Standard Input

Modifying Maps Made From Standard Input

Working With NIS Servers

Binding to a Specific NIS Server

How to Set a Machine's NIS Domain Name

How to Configure Machine Host Name and Address Lookup Through NIS and DNS

Turning Off NIS Services

8.  NIS Troubleshooting

Part III LDAP Naming Services

9.  Introduction to LDAP Naming Services (Overview)

10.  Planning Requirements for LDAP Naming Services (Tasks)

11.  Setting Up Oracle Directory Server Enterprise Edition With LDAP Clients (Tasks)

12.  Setting Up LDAP Clients (Tasks)

13.  LDAP Troubleshooting (Reference)

14.  LDAP Naming Service (Reference)

15.  Transitioning From NIS to LDAP (Tasks)

Glossary

Index

Working With NIS Maps

This section contains the following information:

Obtaining Map Information

Users can obtain information from and about the maps at any time by using the ypcat, ypwhich, and ypmatch commands. In the examples that follow, mapname refers both to the official name of a map and to its nickname, if any.

To list all the values in a map, type the following:

% ypcat mapname

To list both the keys and the values (if any) in a map, type the following:

% ypcat -k mapname 

To list all the map nicknames, type any of the following commands:

% ypcat -x
% ypmatch -x
% ypwhich -x

To list all the available maps and their masters, type the following:

% ypwhich -m

To list the master server for a particular map, type the following:

% ypwhich -m mapname

To match a key with an entry in a map, type the following:

% ypmatch key mapname

If the item you are looking for is not a key in a map, type the following:

% ypcat mapname | grep item

where item is the information for which you are searching. To obtain information about other domains, use the -d domainname option of these commands.

If the machine requesting information for a domain other than its default does not have a binding for the requested domain, ypbind consults the /var/yp/binding/domainname/ypservers file for a list of servers for that domain. If this file does not exist it issues an RPC broadcast for a server. In this case, there must be a server for the requested domain on the same subnet as the requesting machine.

Changing a Map's Master Server

To change the master server for a selected map, you first have to build the map on the new NIS master. Since the old master server name occurs as a key-value pair in the existing map (this pair is inserted automatically by makedbm), copying the map to the new master or transferring a copy to the new master with ypxfr is insufficient. You have to reassociate the key with the new master server name. If the map has an ASCII source file, you should copy this file to the new master.

How to Change a Map's Master Server

  1. Become an administrator on the NIS master server.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Change directories.
    newmaster# cd /var/yp
  3. The /var/yp/Makefile must have an entry for the new map before you specify the map to make.

    If this is not the case, edit the Makefile now. For this example, add an entry for a map called sites.byname.

  4. To update or remake the map, type the following:
    newmaster# make sites.byname
  5. If the old master remains an NIS server, remote log in (ssh) to the old master and edit /var/yp/Makefile.

    Make sure that you comment out the section of the Makefile that made the sites.byname map so that it is no longer made there.

  6. If sites.byname only exists as an ndbm file, remake it on the new master server.

    First, disassemble a copy of the sites.byname file by using the ypcat command. Then, run the disassembled version through makedbm.

    newmaster# cd /var/yp
    newmaster# ypcat sites.byname | makedbm domain/sites.byname 

    After making the map on the new master, you must send a copy of the new map to the other slave servers. Do not use yppush, because the other slaves will try to get new copies from the old master, rather than the new one. A typical method for circumventing this is to transfer a copy of the map from the new master back to the old master. To do this, become superuser, or assume an equivalent role, on the old master server and type the following.

    oldmaster# /usr/lib/netsvc/yp/ypxfr -h newmaster sites.byname

    Now it is safe to run yppush. Any remaining slave servers still believe that the old master is the current master and will attempt to get the current version of the map from the old master. When clients do so, they will get the new map, which names the new master as the current master.

    If this method fails, you can log in as root on each NIS server and execute the ypxfr command as shown.

Modifying Configuration Files

NIS intelligently parses the setup files. Although this makes NIS administration easier, it does make the behavior of NIS more sensitive to changes in the setup and configuration files.

Use the procedures in this section when doing any of the following:

How to Modify Configuration Files

Keep the following in mind.

  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Stop the NIS server.
    # svcadm disable network/nis/server
  3. Make the necessary changes to your files.
  4. Start the NIS server.
    # svcadm enable network/nis/server

Modifying and Using /var/yp/Makefile

You can modify the Makefile provided by default in /var/yp to suit your needs. You can add or delete maps, and you can change the names of some of the directories.


Tip - Keep an unmodified copy of the original Makefile for future reference.


Working With the Makefile

To add a new NIS map, you must get copies of the ndbm files for the map into the /var/yp/domainname directory on each of the NIS servers in the domain. This is normally done for you by the Makefile. After deciding which NIS server is the master of the map, modify the Makefile on the master server so that you can conveniently rebuild the map. Different servers can be masters of different maps, but in most cases this leads to administrative confusion. Try to set only one server as the master of all maps.

Typically a human-readable text file is filtered through awk, sed, or grep to make it suitable for input to makedbm. Refer to the default Makefile for examples. See the make(1S) for general information about the make command.

Use the mechanisms already in place in the Makefile when deciding how to create dependencies that make will recognize. Be aware that make is very sensitive to the presence or absence of tabs at the beginning of lines within the dependency rules. A missing tab can invalidate an entry that is otherwise well formed.

Adding an entry to the Makefile involves the following.

For example, in order for the Makefile to work on automounter input files, you would have to add the auto_direct.time and auto_home.time maps to the NIS database.

To add these maps to the NIS database you need to modify the Makefile.

Changing Makefile Macros/Variables

You can change the settings of the variables defined at the top of the Makefile by changing the value to the right of the equal sign (=). For instance, if you do not want to use the files located in /etc as input for the maps, but you would rather use files located in another directory, such as /var/etc/domainname, you should change DIR from DIR=/etc to DIR=/var/etc/domainname. You should also change PWDIR from PWDIR=/etc to PWDIR=/var/etc/domainname.

The variables are the following:

Modifying Makefile Entries

The following procedure describes how to add and delete databases from the Makefile.

How to Modify /var/yp/Makefile to Use Specific Databases

This procedure requires that you have already configured an NIS master server.

  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Modify the line that starts with the word all by adding the names of the database you want to add:
    all: passwd group hosts ethers networks rpc services protocols \
        netgroup bootparams aliases netid netmasks \
        audit_user auth_attr exec_attr prof_attr \
      auto_direct auto_home auto_direct.time auto_home.time

    The order of the entries is not relevant, but the blank space at the beginning of the continuation lines must be a Tab, not spaces.

  3. Add the following lines at the end of the Makefile:
    auto_direct: auto_direct.time
    auto_home: auto_home.time
  4. Add an entry for auto_direct.time in the middle of the file.
    auto_direct.time: $(DIR)/auto_direct
     @(while read L; do echo $$L; done < $(DIR)/auto_direct
     $(CHKPIPE)) | \ (sed -e "/^#/d" -e "s/#.*$$//" -e "/^ *$$/d"
     $(CHKPIPE)) | \ $(MAKEDBM) - $(YPDBDIR)/$(DOM)/auto_direct;
     @touch auto_direct.time;
     @echo "updated auto_direct";
     @if [ ! $(NOPUSH) ]; then $(YPPUSH) auto_direct; fi
     @if [ ! $(NOPUSH) ]; then echo "pushed auto_direct"; fi

    where

    • CHKPIPE makes certain that the operations to the left of the pipe (|) are successfully completed before piping the results to next commands. If the operations to the left of the pipe do not successfully complete, the process is terminated with a NIS make terminated message.

    • NOPUSH prevents the makefile from calling yppush to transfer the new map to the slave servers. If NOPUSH is not set, the push is done automatically.

    The while loop at the beginning is designed to eliminate any backslash-extended lines in the input file. The sed script eliminates comment and empty lines.

    Follow the same procedure for all other automounter maps, such as auto_home or any other non-default maps.

  5. Run the make command.
    # make mapname

    where mapname is the name of the map you want to make.

How to Modify the Makefile to Delete Databases

If you do not want the Makefile to produce maps for a specific database, edit the Makefile as follows.

  1. Delete the name of the database from the all rule.
  2. Delete or comment out the database rule for the database you want to delete.

    For example, to delete the hosts database, the hosts.time entry should be removed.

  3. Remove the time rule.

    For example, to delete the hosts database, the hosts: hosts.time entry should be removed.

  4. Remove the map from the master and slave servers.