NIS information in the LDAP directory is protected by a special set of ACLs. These are part of the dsserv.acl.conf file. The extract from this file is shown below.
# NIS ACLs access to attrs=userPassword by self write by * compare access to attrs=gecos,loginShell by self write
By default, users have read permission on all attributes in their own entry, although they have write permission only on the userPassword, gecos, and loginShell attributes.