NIS+ Security - System Administration Guide: Naming and Directory Services (NIS+)

Skip Navigation Links
Exit Print View
	System Administration Guide: Naming and Directory Services (NIS+)

Oracle Technology Network

Document Information

Part I About Naming and Directory Services

1. Name Service Switch

Part II NIS+ Setup and Configuration

2. NIS+: An Introduction

What NIS+ Can Do for You

How NIS+ Differs From NIS

Solaris 1 Release and NIS-Compatibility Mode

NIS+ Administration Commands

NIS+ Setup and Configuration Preparation

NIS+ Files and Directories

Structure of the NIS+ Namespace

NIS+ Namespace Directories

How NIS+ Servers Propagate Changes

NIS+ Clients and Principals

NIS+ Cold-Start File and Directory Cache

An NIS+ Server Is Also a Client

NIS+ Naming Conventions

NIS+ Domain Names

NIS+ Directory Object Names

NIS+ Tables and Group Names

NIS+ Table Entry Names

NIS+ Host Names

NIS+ Principal Names

Accepted Name Symbols in NIS+

NIS+ Name Expansion

NIS+ NIS_PATH Environment Variable

Preparing the Existing Namespace for NIS+

Two NIS+ Configuration Methods

3. NIS+ Setup Scripts

4. Configuring NIS+ With Scripts

5. Setting Up the NIS+ Root Domain

6. Configuring NIS+ Clients

7. Configuring NIS+ Servers

8. Configuring an NIS+ Non-Root Domain

9. Setting Up NIS+ Tables

Part III NIS+ Administration

10. NIS+ Tables and Information

11. NIS+ Security Overview

12. Administering NIS+ Credentials

13. Administering NIS+ Keys

14. Administering Enhanced NIS+ Security Credentials

15. Administering NIS+ Access Rights

16. Administering NIS+ Passwords

17. Administering NIS+ Groups

18. Administering NIS+ Directories

19. Administering NIS+ Tables

20. NIS+ Server Use Customization

21. NIS+ Backup and Restore

22. Removing NIS+

23. Information in NIS+ Tables

24. NIS+ Troubleshooting

A. NIS+ Error Messages

About NIS+ Error Messages

Common NIS+ Namespace Error Messages

B. Updates to NIS+ During the Solaris 10 Release

Solaris 10 and NIS+

NIS+ Security

NIS+ protects the structure of the namespace, and the information it stores, by the complementary processes of authorization and authentication.

Authorization. Every component in the namespace specifies the type of operation it will accept and from whom. This is authorization.
Authentication. NIS+ attempts to authenticate every request for access to the namespace. Requests come from NIS+ principals. An NIS+ principal can be a process, machine, root, or a user. Valid NIS+ principals possess an NIS+ credential. NIS+ authenticates the originator of the request (principal) by checking the principal's credential.

If the principal possesses an authentic (valid) credential, and if the principal's request is one that the principal is authorized to perform, NIS+ carries out the request. If either the credential is missing or invalid, or the request is not one the principal is authorized to perform, NIS+ denies the request for access. An introductory description of the entire NIS+ security system is provided in Chapter 11, NIS+ Security Overview.

Copyright © 1994, 2010, Oracle and/or its affiliates. All rights reserved. Legal Notices

Previous

Next