For security reasons, follow these guidelines:
Limit access to the NIS maps on the master server.
Do not place an entry for root in the files you use to build the NIS password maps. This protects the NIS network against unauthorized access. To accomplish this, remove the root entry before building the password maps. Locate the password files in a directory other than the master server's /etc directory. The /etc directory on every system on the network should be secured against unauthorized access.
For example, the master server password input files could be stored in a directory such as /var/yp, or any directory of your choice, as long as the file itself is not a link to another file and is specified in the Makefile. When you use either the Service Management Facility or the ypstart script to start the NIS service, the correct directory option is set according to the configuration specified in your Makefile.