This section describes how to globally create your namespace for a given enterprise or NIS+ domain.
The FNS namespace is created by the fncreate command.
# fncreate -t org org// |
Or, alternatively:
# fncreate -t org org/domain/ |
Where domain is the name of an NIS+ domain or subdomain.
See the following sections for detailed information about creating the FNS namespace for each of the three enterprise-level name services:
The fncreate command creates the default contexts for the specified organization and all its subcontexts, including contexts and subcontexts for users and hosts in the organization.
For information on how to manually create individual FNS contexts, see Solaris Naming Administration Guide.
When your primary enterprise-level name service is NIS+, namespace contexts must be created separately for each NIS+ domain or subdomain in your enterprise.
The NIS+ domain or subdomain must already be in existence.
If you intend to use the same server for both NIS+ and FNS, the fncreate command must be run on the domain's (or subdomain's) master server. If you intend to use different servers for NIS+ and FNS, the fncreate command must be run on the machine that will function as the FNS server. (If you are going to use different machines, the FNS server must first be prepared as explained in Step 4.)
You must have full NIS+ administration authorization (see Solaris Naming Administration Guide for information on NIS+ authorization).
For example, to create the contexts for the manf.doc.com subdomain on the submaster machine which is the NIS+ master server for that domain:
submaster# fncreate -t org org/manf.doc.com./ |
This creates the organization context for the NIS+ manf.doc.com. subdomain, and contexts and associated subcontexts for all users found in that subdomain's passwd.org_dir table and all hosts found in the subdomain's hosts.org_dir table.
(If you want to use different machines for NIS+ and FNS servers, you would run the above command on the machine you want to use as the FNS server. See Step 4 for information on how to prepare a non-NIS+ server to be an FNS server.)
Use nisping to checkpoint the ctx_dir directory:
# /usr/lib/nis/nisping -C ctx_dir.manf.doc.com. |
For a large organization with several thousand users and hosts, the initial fncreate operation can take several hours; the subsequent checkpoint can also take several hours.
When your primary enterprise-level name service is NIS, there is only one domain for the enterprise. Namespace contexts are created for that enterprise-wide domain.
The NIS domain must already be in existence.
The fncreate command must be run by root on the FNS master server. (Normally, this would be the NIS master server, but you could choose to use a different server.)
For example, to create the contexts for the doc.com domain a machine named fns_master, which is also the NIS master server:
On the domain master, run fncreate as shown below:
fns_master# fncreate -t org org// |
This creates the organization context for the NIS domain doc.com, and contexts and associated subcontexts for all users found in NIS servers's passwd map and all hosts found in the server's hosts map.
After you have created your context maps, you can assign the same machine to be the master server, using the same procedure that you would to assign a different master for any other NIS map. The FNS maps all have names starting with fns_ and ending with either .ctx or .attr. See Solaris Naming Administration Guide for details.
When your primary enterprise-level name service is files-based, namespace contexts are created for the system.
The /etc/passwd and /etc/hosts files on the machine where the /var/fn directory resides must be clean and fully populated.
The fncreate command must be run by root on the machine where the /var/fn directory resides.
For example, to create the contexts for the system:
On the machine hosting the /var/fn directory, run fncreate, as shown below:
server1# fncreate -t org org// |
This creates the organization context for the system and contexts and associated subcontexts for all users found in machine's /etc/passwd file, and all hosts found in the machine's /etc/hosts file.