JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Naming and Directory Services (NIS+)
search filter icon
search icon

Document Information


Part I About Naming and Directory Services

1.  Name Service Switch

Part II NIS+ Setup and Configuration

2.  NIS+: An Introduction

3.  NIS+ Setup Scripts

4.  Configuring NIS+ With Scripts

5.  Setting Up the NIS+ Root Domain

6.  Configuring NIS+ Clients

7.  Configuring NIS+ Servers

8.  Configuring an NIS+ Non-Root Domain

9.  Setting Up NIS+ Tables

Part III NIS+ Administration

10.  NIS+ Tables and Information

11.  NIS+ Security Overview

12.  Administering NIS+ Credentials

13.  Administering NIS+ Keys

14.  Administering Enhanced NIS+ Security Credentials

15.  Administering NIS+ Access Rights

About NIS+ Access Rights

Introduction to NIS+ Authorization and Access Rights

NIS+ Authorization Classes - Review

NIS+ Access Rights - Review

Concatenation of NIS+ Access Rights

How NIS+ Access Rights Are Assigned and Changed

Specifying Different Default Rights in NIS+

Changing Access Rights to an Existing NIS+ Object

NIS+ Table, Column, and Entry Security

NIS+ Table, Column, Entry Example

NIS+ Rights at Different Levels

Where NIS+ Access Rights Are Stored

Viewing an NIS+ Object's Access Rights

Default NIS+ Access Rights

How an NIS+ Server Grants Access Rights to Tables

Specifying NIS+ Access Rights in Commands

NIS+ Syntax for Access Rights

NIS+ Class, Operator, and Rights Syntax

NIS+ Syntax for Owner and Group

NIS+ Syntax for Objects and Table Entries

Displaying NIS+ Defaults With nisdefaults

Setting NIS+ Default Security Values

Displaying the Value of the NIS+ NIS_DEFAULTS Variable

Changing NIS+ Defaults

Resetting the Value of NIS_DEFAULTS

Specifying Non-Default Security Values at Creation Time in NIS+

Changing NIS+ Object and Entry Access Rights

Using nischmod to Add NIS+ Rights

Using nischmod to Remove NIS+ Rights

Specifying Column Access Rights in NIS+

Setting Column Rights When Creating an NIS+ Table

Adding Rights to an Existing NIS+ Table Column

Removing Rights to an NIS+ Table Column

Changing Ownership of NIS+ Objects and Entries

Changing an NIS+ Object Owner With nischown

Changing an NIS+ Table Entry Owner With nischown

Changing an NIS+ Object or Entry's Group

Changing an NIS+ Object's Group With nischgrp

Changing an NIS+ Table Entry's Group With nischgrp

16.  Administering NIS+ Passwords

17.  Administering NIS+ Groups

18.  Administering NIS+ Directories

19.  Administering NIS+ Tables

20.  NIS+ Server Use Customization

21.  NIS+ Backup and Restore

22.  Removing NIS+

23.  Information in NIS+ Tables

24.  NIS+ Troubleshooting

A.  NIS+ Error Messages

About NIS+ Error Messages

Common NIS+ Namespace Error Messages

B.  Updates to NIS+ During the Solaris 10 Release

Solaris 10 and NIS+



Setting NIS+ Default Security Values

This section describes how to perform tasks related to the nisdefaults command, the NIS_DEFAULTS environment variable, and the -D option.

The NIS_DEFAULTS environment variable specifies the following default values:

The values that you set in the NIS_DEFAULTS environment variable are the default values applied to all NIS+ objects that you create using that shell (unless overridden by using the -D option with the command that creates the object).

You can specify the default values (owner, group, access rights, and time-to-live) specified with the NIS_DEFAULTS environment variable. Once you set the value of NIS_DEFAULTS, every object you create from that shell will acquire those defaults, unless you override them by using the -D option when you invoke a command.

Displaying the Value of the NIS+ NIS_DEFAULTS Variable

You can check the setting of an environment variable by using the echo command, as shown below:

client% echo $NIS_DEFAULTS

You can also display a general list of the NIS+ defaults active in the namespace by using the nisdefaults command as described in Displaying NIS+ Defaults With nisdefaults.

Changing NIS+ Defaults

You can change the default access rights, owner, and group, by changing the value of the NIS_DEFAULTS environment variable.

Use the environment command that is appropriate for your shell (setenv for C-shell or $NIS_DEFAULTS=, export for Bourne and Korn shells) with the following arguments:

You can combine two or more arguments into one line separated by colons:


Table 15-10 shows some examples.

Table 15-10 Changing NIS+ Defaults – Examples

This command grants owner read access as the default access right.
client% setenv NIS_DEFAULTS access=o+r
This command sets the default owner to be the user abe whose home

domain is

client% setenv NIS_DEFAULTS
This command combines the first two examples on one code line.
client% setenv NIS_DEFAULTS

All objects and entries created from the shell in which you changed the defaults will have the new values you specified. You cannot specify default settings for a table column or entry; the columns and entries simply inherit the defaults of the table.

Resetting the Value of NIS_DEFAULTS

You can reset the NIS_DEFAULTS variable to its original values, by typing the name of the variable without arguments, using the format appropriate to your shell:

For C shell

client# unsetenv NIS_DEFAULTS

For Bourne or Korn shell