System Administration Guide: Naming and Directory Services (NIS+)

Setting NIS+ Default Security Values

This section describes how to perform tasks related to the nisdefaults command, the NIS_DEFAULTS environment variable, and the -D option.

The NIS_DEFAULTS environment variable specifies the following default values:

The values that you set in the NIS_DEFAULTS environment variable are the default values applied to all NIS+ objects that you create using that shell (unless overridden by using the -D option with the command that creates the object).

You can specify the default values (owner, group, access rights, and time-to-live) specified with the NIS_DEFAULTS environment variable. Once you set the value of NIS_DEFAULTS, every object you create from that shell will acquire those defaults, unless you override them by using the -D option when you invoke a command.

Displaying the Value of the NIS+ NIS_DEFAULTS Variable

You can check the setting of an environment variable by using the echo command, as shown below:

client% echo $NIS_DEFAULTS

You can also display a general list of the NIS+ defaults active in the namespace by using the nisdefaults command as described in Displaying NIS+ Defaults With nisdefaults.

Changing NIS+ Defaults

You can change the default access rights, owner, and group, by changing the value of the NIS_DEFAULTS environment variable.

Use the environment command that is appropriate for your shell (setenv for C-shell or $NIS_DEFAULTS=, export for Bourne and Korn shells) with the following arguments:

You can combine two or more arguments into one line separated by colons:


Table 15–10 shows some examples.

Table 15–10 Changing NIS+ Defaults – Examples



This command grants owner read access as the default access right. 

client% setenv NIS_DEFAULTS access=o+r

This command sets the default owner to be the user abe whose home 

domain is 

client% setenv NIS_DEFAULTS

This command combines the first two examples on one code line. 

client% setenv NIS_DEFAULTS

All objects and entries created from the shell in which you changed the defaults will have the new values you specified. You cannot specify default settings for a table column or entry; the columns and entries simply inherit the defaults of the table.

Resetting the Value of NIS_DEFAULTS

You can reset the NIS_DEFAULTS variable to its original values, by typing the name of the variable without arguments, using the format appropriate to your shell:

For C shell

client# unsetenv NIS_DEFAULTS

For Bourne or Korn shell