System Administration Guide: Naming and Directory Services (NIS+)

Creating an NIS+ Group

To create an NIS+ group, you must have create rights to the groups_dir directory of the group's domain. Use the -c option and a fully qualified group name:

nisgrpadm -c group-name.

When you create a group, an NIS+ groups table with the name you have given is created in groups_dir. You can use nisls to confirm that the new group table now exists in groups_dir, and niscat to list the groups members listed in the table.

A newly created group contains no members. See Adding Members to an NIS+ Group for information on how to specify who belongs to a group.

The example below creates three groups named admin. The first is in the domain, the second in, and the third in All three are created on the master server of their respective domains.

rootmaster# nisgrpadm -c
Group created.
salesmaster# nisgrpadm -c
Group created.
manfmaster# nisgrpadm -c
Group created.

The group you create will inherit all the object properties specified in the NIS_DEFAULTS variable; that is, its owner, owning group, access rights, time-to-live, and search path. You can view these defaults by using the nisdefaults command (described in Chapter 15, Administering NIS+ Access Rights). Used without options, it provides this output:

rootmaster# nisdefaults
Principal Name :
Domain Name :
Host Name :
Group Name :
Access Rights : ----rmcdr---r---
Time to live : 12:0:0
Search Path :

The owner is listed in the Principal Name field. The Group Name of the owning group is listed only if you have set the NIS_GROUP environment variable. For example, assuming a C-shell, to set NIS_GROUP to

rootmaster# setenv NIS_GROUP

You can override any of these defaults at the time you create the group by using the -D option:

salesmaster# nisgrpadm -D Group created.