|Skip Navigation Links|
|Exit Print View|
|System Administration Guide: Naming and Directory Services (NIS+)|
The following sections describe how to use the nisaddcred command to administer existing credential information. You must have create, modify, read, and destroy rights to the cred table to perform these operations.
Updating your own credential information is considerably easier than creating it. Just type the simple versions of the nisaddcred command while logged in as yourself:
# nisaddcred des # nisaddcred local
To update credential information for someone else, you simply perform the same procedure that you would use to create that person's credential information.
Thus, to completely remove a principal from the entire system, you must explicitly remove that principal's credential information from the principal's home domain and all domains where the principal has LOCAL credential information.
To remove credential information, you must have modify rights to the local domain's cred table. Use the -r option and specify the principal with a full NIS+ principal name:
# nisaddcred -r principal-name
The following two examples remove the LOCAL and DES credential information of the administrator Morena.doc.com. The first example removes both types of credential information from her home domain (doc.com.), the second removes her LOCAL credential information from the sales.doc.com. domain. Note how they are each entered from the appropriate domain's master servers.
rootmaster# nisaddcred -r morena.doc.com. salesmaster# nisaddcred -r morena.doc.com.
To verify that the credential information was indeed removed, run nismatch on the cred table, as shown below. For more information about nismatch, see Chapter 19, Administering NIS+ Tables.
rootmaster# nismatch morena.doc.com. cred.org_dir salesmaster# nismatch morena.doc.com. cred.org_dir