After the root master server's tables have been populated from files or NIS maps, you can initialize NIS+ client machines. (Because the root master server is an NIS+ client of its own domain, no further steps are required to initialize it.) This section shows you how to initialize an NIS+ client by using the nisclient script with default settings. The script will use:
The domain used in previous examples, doc.com.
The Secure RPC password (also known as the network password) created by the nispopulate script in the previous example (nisplus, the default password)
The -i option used in "How to Initialize a New Client Machine" does not configure an NIS+ client to resolve host names requiring DNS. You need to explicitly include DNS for clients in their name service switch files. See Solaris Naming Administration Guide and Chapter 1, Setting Up the Name Service Switch for more information on resolving host names through DNS.
Before you can use the nisclient script:
The domain must have already been configured and its master server must be running.
The master server of the domain's tables must be populated. (At a minimum, the hosts table must have an entry for the new client machine.)
You must be logged in as superuser on the machine that is to become an NIS+ client. In this example, the new client machine is named client1.
You need:
The domain name
The default Secure RPC password (nisplus)
The root password of the workstation that will become the client
The IP address of the NIS+ server (in the client's home domain)
If DES authentication is used, note the Diffie-Hellman key length used on the master server. Use nisauthconf to ascertain the master server Diffie-Hellman key length.
Optionally, if using DES authentication, specify the Diffie-Hellman key length.
On the master server, type
nisauthconf |
Use the output as the arguments when running the nisauthconf command on the client. For example, if nisauthconf on the master server produces
dh640dh-0 des |
type the following command on the client machine
nisauthconf dh640dh-0 des |
Type the following command to initialize the new client on the new client machine.
The -i option initializes a client. The -d option specifies the new NIS+ domain name. (If the domain name is not specified, the default is the current domain name.) The -h option specifies the NIS+ server's host name.
client1# nisclient -i -d doc.com. -h master1 Initializing client client1 for domain "doc.com.". Once initialization is done, you will need to reboot your machine. Do you want to continue? (type 'y' to continue, 'n' to exit this script) |
Type y.
Typing n exits the script. The script prompts you only for the root server's IP address if there is no entry for it in the client's /etc/hosts file.
Do you want to continue? (type 'y' to continue, 'n' to exit this script) y Type server master1's IP address: |
Type the correct IP address, and press Return.
This example uses the hypothetical address 123.123.123.123.
Type server master1's IP address: 123.123.123.123 setting up the domain information... setting up the name service switch information... At the prompt below, type the network password (also known as the Secure-RPC password) that you obtained either from your administrator or from running the nispopulate script. Please enter the Secure-RPC password for root: |
Type the Secure RPC password (also known as the network password) only if the Secure RPC password differs from the root login password.
In this case, use the default, nisplus .
The password does not echo on the screen. If you mistype it, you are prompted for the correct one. If you mistype it twice, the script exits and restores your previous network service. If this happens, try running the script again.
Please enter the login password for root: |
Type the root password for this client machine.
The password does not echo on the screen. (If the Secure RPC password and the root login password happen to be the same, you will not be prompted for the root login password.)
Typing the root password changes the credentials for this machine. The RPC password and the root password are now the same for this machine.
Please enter the login password for root: Wrote secret key into /etc/.rootkey Your network password has been changed to your login one. Your network and login passwords are now the same. Client initialization completed!! Please reboot your machine for changes to take effect. |
Reboot your new client machine.
Your changes do not take effect until you reboot the machine.
You can now have the users of this NIS+ client machine add themselves to the NIS+ domain.
Repeat the preceding client-initiation procedure on as many machines as you like. To initiate clients for another domain, repeat the procedure but change the domain and master server names appropriately.
The sample NIS+ domain described in this chapter assumes that you will initialize four clients in the domain doc.com. You are then going to configure two of the clients as non-root NIS+ servers and a third client as a root replica of the root master server of the doc.com domain.
You always have to make a system into a client of the parent domain before you can make the same system a server of any type.