System Administration Guide: Naming and Directory Services (NIS+)

NIS+ Root Domain Configuration Summary

Table 5–1 summarizes the steps required to configure a root domain. The summary assumes a simple case. Be sure you are familiar with the complete task descriptions before you use this summary as a reference. This summary does not show the server's responses to each command.

Table 5–1 Setting Up an NIS+ Root Domain: Action Summary



Log in as superuser to rootmaster.

rootmaster% su


Check domain name. 

# domainname

Check Switch file. 

# more /etc/nsswitch.conf

[Optional] Configure Diffie-Hellman key length. 

# nisauthconf dh640-0 des

Restart nscd if the switch file was modified.

# svcadm restart /system/name-service-cache

Remove /etc/.rootkey and restart keyserv.

# svcadm disable /network/rpc/keyserv

# rm -f /etc/.rootkey

# svcadm enable /network/rpc/keyserv

Stop NIS+ services. 

# svcadm disable /network/rpc/nisplus

Remove leftover NIS+ material. 

# rm -rf /var/nis*

Name the admin group. 

#; export NIS_GROUP

Initialize the root master. 

# nisinit -r

[NIS-compat only] 

Start the daemon with the -S 0 and -Y options.

Edit the /lib/svc/method/nisplus file to add the -S 0 and -Y options, then restart the service, as follows.

# svcadm restart network/rpc/nisplus

[NIS+ Only] 

Start daemon with -S 0.

Edit the /lib/svc/method/nisplus file to add the -S 0 option, then enable the service, as follows.

# svcadm enable network/rpc/nisplus

Verify creation of root objects. 

# ls -l /var/nis/data

# niscat -o

Create org_dir and groups_dir tables.

# /usr/lib/nis/nissetup [-Y]

Create DES credentials for root master. 

# nisaddcred des

Enter login password:

Create admin group.

# nisgrpadm -c

Assign full group rights to root directory. 

# nischmod g+rmcd

Add rootmaster to admin group.

# nisgrpadm -a

Update root directory's keys. Update org_dir's keys. Update groups_dir's keys.

# /usr/lib/nis/nisupdkeys

# /usr/lib/nis/nisupdkeys

# /usr/lib/nis/nisupdkeys

Restart the NIS+ service. 

# svcadm restart network/rpc/nisplus

Add your LOCAL credentials. 

# nisaddcred -p 11177 -P local

Add your DES credentials. 

# nisaddcred -p -P des

Enter login password:

Add credentials for other admins. 

# nisaddcred ...

Add other admins to admin group.

# nisgrpadm -a members

Allocate swap space. 

# /usr/lib/nis/nisstat