Suggested Transition Phases
The following outline is a suggested NIS-to-NIS+ transition:
-
Review basic transition principles.
-
Become familiar with NIS+.
-
Design your final NIS+ namespace.
-
Select security measures.
-
Decide how to use NIS-compatibility mode.
-
Complete prerequisites to transition.
-
Implement the transition.
The remainder of this chapter is a detailed discussion of these transition phases.
Transition Principles
Before you begin the transition, you should review the following basic principles:
Consider the Alternatives to Making the Transition Immediately
You can defer the upgrade to NIS+ until after your site has completed its transition to the latest Solaris operating environment. This allows you to focus your resources on one transition effort at a time. You can continue to run NIS under the current Solaris operating environment until you are ready to make the transition to NIS+.
Keep Things Simple
You can take several steps to simplify the transition. While these steps will diminish the effectiveness of NIS+, they will consume fewer servers and less administrative time. After the transition is complete, you can change the NIS+ setup to better suit your needs. Here are some suggestions:
-
Do not change domain names.
-
Do not use any hierarchies; keep a flat NIS+ namespace.
-
Do not establish credentials for clients, if you are running the Solaris 2.5 Release or later.
Use a Single Release of Software
Decide which version of the Solaris operating environment and NIS+ you will use for the transition. Because there are slight differences between versions, using multiple versions could needlessly complicate the transition process. Choose one version of the Solaris product and use its corresponding version of NIS+.
The current release has the most features (such as setup scripts). Make sure you compile a list of the Solaris 2.6 patches that are required for normal operation, and make sure that all servers and clients have the same patches loaded.
Minimize Impact on Client Users
Consider the two major user-related factors: First, users should not notice any change in service. Second, the transition phase itself should cause minimal disruption to client users. To ensure the second consideration, be sure the administrators responsible for each domain migrate their client machines to NIS+, rather than ask the users to implement the migration. This ensures that proper procedures are implemented, that procedures are consistent across client machines, and that irregularities can be dealt with immediately by the administrator.
Things You Should Not Do
-
Do not change the name services currently provided by NIS or change the way NIS functions.
-
Do not change the IP network topology.
-
Do not upgrade applications that use NIS to NIS+; leave the migration to NIS+ APIs for the future.
-
Do not consider additional uses for NIS+ during the implementation phase; add them later.
Become Familiar With NIS+
Familiarize yourself with NIS+, particularly with the concepts summarized earlier in this chapter and discussed in the remainder of this book. For details, see the publications listed in "Related Books".
One of the best ways to become familiar with NIS+ is to build a prototype namespace. There is no substitute for hands-on experience with the product; administrators need the opportunity to practice in a forgiving test environment.
Note -
Do not use your prototype domain as the basis for your actual running NIS+ namespace. Deleting your prototype after you have learned all you can from it will avoid namespace configuration problems. Start anew to create the real namespace after following all the planning steps.
When you create the test domains, make small, manageable domains. For guidance, you can use Solaris Naming Setup and Configuration Guide, which describes how to plan and create a simple test domain and subdomain (with or without NIS-compatibility mode), using the NIS+ setup scripts.
Note -
The NIS+ scripts described in Part I of Solaris Naming Setup and Configuration Guide are the recommended method for setting up an NIS+ namespace. The recommended procedure is to first set up your basic NIS+ namespace using the scripts, then customize that namespace for your particular needs, using the NIS+ command set.
Design Your Final NIS+ Namespace
Design the final NIS+ namespace, following the guidelines in Chapter 2, Planning the NIS+ Namespace. While designing the namespace, do not worry about limitations imposed by the transition from NIS. You can add those later, after you know what your final NIS+ goal is.
Plan Security Measures
NIS+ security measures provide a great benefit to users and administrators, but they require additional knowledge and setup steps on the part of both users and administrators. They also require several planning decisions. Chapter 3, Planning NIS+ Security Measures describes the implications of NIS+ security and the decisions you need to make for using it in your NIS+ namespace.
Decide How to Use NIS-Compatibility Mode
The use of parallel NIS and NIS+ namespaces is virtually unavoidable during a transition. Because of the additional resources required for parallel namespaces, try to develop a transition sequence that reduces the amount of time your site uses dual services or the extent of dual services within the namespace (for example, convert as many domains as possible to NIS+ only).
Chapter 4, Using NIS-Compatibility Mode explains the transition issues associated with the NIS-compatibility mode and suggests a way to make the transition from NIS, through NIS compatibility, to NIS+ alone.
Complete Prerequisites to Transition
In addition to the planning decisions mentioned above, you must complete several miscellaneous prerequisites, as described in Chapter 5, Prerequisites to Transition.
Implement the Transition
Chapter 6, Implementing the Transition provides suggested steps to implement the transition you have planned in the previous steps.
- © 2010, Oracle Corporation and/or its affiliates