NIS+ Group Member Types
NIS+ groups can have three types of members: explicit, implicit, and recursive; and three types of nonmembers, also explicit, implicit, and recursive. These member types are used when adding or removing members of a group as described in nisgrpadm Command.
NIS+ Member Types
-
Explicit. An individual principal. Identified by principal name. The name does not have to be fully qualified if entered from its default domain.
-
Implicit. All the NIS+ principals who belong to an NIS+ domain. They are identified by their domain name, preceded by the * symbol and a dot. The operation you select applies to all the members in the group.
-
Recursive. All the NIS+ principals that are members of another NIS+ group. They are identified by their NIS+ group name, preceded by the @ symbol. The operation you select applies to all the members in the group.
NIS+ groups also accept nonmembers in all three categories: explicit, implicit, and recursive. Nonmembers are principals specifically excluded from a group that they otherwise would be part of.
NIS+ Nonmember Types
Nonmembers are identified by a minus sign in front of their name:
-
Explicit-nonmember. Identified by a minus sign in front of the principal name.
-
Implicit-nonmember. Identified by a minus sign, * symbol, and dot in front of the domain name.
-
Recursive nonmember. Identified by a minus sign and @ symbol in front of the group name.
NIS+ Group Syntax
The order in which inclusions and exclusions are entered does not matter. Exclusions always take precedence over inclusions. Thus, if a principal is a member of an included implicit domain and also a member of an excluded recursive group, then that principal is not included.
Thus, when using the nisgrpadm command, you can specify group members and nonmembers as shown in Table 17–2.
Table 17–2 Specifying NIS+ Group Members and Nonmembers|
Type of member |
Syntax |
|---|---|
|
Explicit member |
username.domain |
|
Implicit member |
*.domain |
|
Recursive member |
@groupname.domain |
|
Explicit nonmember |
-username.domain |
|
Implicit nonmember |
-*.domain |
|
Recursive nonmember |
@groupname.domain |
- © 2010, Oracle Corporation and/or its affiliates