The CNS Guide to NIS+

The CNS Guide to NIS+

The Document

The CNS Guide to NIS+ is a document I wrote while installing and administering a small NIS+ space, built on a handful of Solaris 2.6 and Solaris 2.7 machines. Please feel free to grab a copy of this document in Microsoft Word 2000 format and modify it as you see fit. The most recent version is dated March 4, 2002.

What is NIS+?

[Excerpted from "The CNS Guide to NIS+"]

"...There are lots of answers to this question. Here is mine.

NIS+ is a storage mechanism for holding databases. It supports hierarchical access and administration over these databases . It supports replica servers in a single-master scheme. Interactions between NIS+ servers and clients are authenticated via a Diffie-Hellman exchange.

By default, NIS+ ships with support for common Unix flat files. Here is the list of default databases which NIS+ supports; notice how most of them are also popular Unix flat files.

aliases		auto_home	auto_master	bootparams	ethers
group		hosts		netgroup	netid		netmasks
networks	passwd		protocols	publickey	rpc
services	shadow		timezone

As a result, NIS+ can be used as semi-secure way to distribute and maintain access to this common Unix data across a collection of Solaris boxes, as well as to provide semi-secure support for common RPC protocols, like NFS and sadmind (Sunís AdminSuite package).

The administrator can create additional databases. This is a tremendously powerful feature of NIS+, and one which I barely exploit in this document, with the creation of the auto_direct table.

Socio-politically, NIS+ belongs to the ONC specification, in particular to the Secure RPC portion of ONC. Despite its openness, only Sun has ever shipped a NIS+ implementation. Despite the similarity in names between NIS (formerly YP) and NIS+, the two have little in common..."

Prepared by:
Stuart Kendrick

Last modified: 04-Mar-2002