Once the new credentials have been generated for all the servers, run nisupdkeys(1m) to add the new public keys to all the directory objects served by these servers. To use the nisupdkeys(1m) command, you must have modify rights to the NIS+ directory object. See Updating Public Keys for NIS+ for more details.
All servers that serve these NIS+ directories and all clients that access these directories must be running at least the Solaris 7 release.
In this example, the directories that are being served by the servers with new public keys are doc.com, org_dir.doc.com., groups_dir.doc.com.. The update will be done as the master server principal. Before running the new mechanism, nisupdkeys needs to be configured with nisauthconf. In this example, the current authentication mechanism is des and the new mechanism is dh640-0.
masterserver# nisauthconf dh640-0 des masterserver# nisupdkeys doc.com. (screen notices not shown) masterserver# nisupdkeys org_dir.doc.com. (screen notices not shown) masterserver# nisupdkeys groups_dir.doc.com. (screen notices not shown)