NIS+ Root Domain Configuration Summary
Table 5–1 summarizes the steps required to configure a root domain. The summary assumes a simple case. Be sure you are familiar with the complete task descriptions before you use this summary as a reference. This summary does not show the server's responses to each command.
Table 5–1 Setting Up an NIS+ Root Domain: Action Summary|
Tasks |
Actions |
|
|---|---|---|
|
Log in as superuser to rootmaster. |
rootmaster% su Password: |
|
|
Check domain name. |
# domainname |
|
|
Check Switch file. |
# more /etc/nsswitch.conf |
|
|
[Optional] Configure Diffie-Hellman key length. |
# nisauthconf dh640-0 des |
|
|
Restart nscd if the switch file was modified. |
# svcadm restart /system/name-service-cache |
|
|
Remove /etc/.rootkey and restart keyserv. |
# svcadm disable /network/rpc/keyserv # rm -f /etc/.rootkey # svcadm enable /network/rpc/keyserv |
|
|
Stop NIS+ services. |
# svcadm disable /network/rpc/nisplus |
|
|
Remove leftover NIS+ material. |
# rm -rf /var/nis* |
|
|
Name the admin group. |
# NIS_GROUP=admin.doc.com.; export NIS_GROUP |
|
|
Initialize the root master. |
# nisinit -r |
|
|
[NIS-compat only] Start the daemon with the -S 0 and -Y options. |
Edit the /lib/svc/method/nisplus file to add the -S 0 and -Y options, then restart the service, as follows.
|
|
|
[NIS+ Only] Start daemon with -S 0. |
Edit the /lib/svc/method/nisplus file to add the -S 0 option, then enable the service, as follows. # svcadm enable network/rpc/nisplus |
|
|
Verify creation of root objects. |
# ls -l /var/nis/data # niscat -o doc.com. |
|
|
Create org_dir and groups_dir tables. |
# /usr/lib/nis/nissetup [-Y] |
|
|
Create DES credentials for root master. |
# nisaddcred des Enter login password: |
|
|
Create admin group. |
# nisgrpadm -c admin.doc.com. |
|
|
Assign full group rights to root directory. |
# nischmod g+rmcd doc.com. |
|
|
Add rootmaster to admin group. |
# nisgrpadm -a admin.doc.com. rootmaster.doc.com. |
|
|
Update root directory's keys. Update org_dir's keys. Update groups_dir's keys. |
# /usr/lib/nis/nisupdkeys doc.com. # /usr/lib/nis/nisupdkeys org_dir.doc.com. # /usr/lib/nis/nisupdkeys groups_dir.doc.com. |
|
|
Restart the NIS+ service. |
# svcadm restart network/rpc/nisplus |
|
|
Add your LOCAL credentials. |
# nisaddcred -p 11177 -P topadmin.doc.com. local |
|
|
Add your DES credentials. |
# nisaddcred -p unix.11177@doc.com -P topadmin.doc.com. des Enter login password: |
|
|
Add credentials for other admins. |
# nisaddcred ... |
|
|
Add other admins to admin group. |
# nisgrpadm -a admin.doc.com members |
|
|
Allocate swap space. |
# /usr/lib/nis/nisstat |
- © 2010, Oracle Corporation and/or its affiliates