Sun Microsystems, Inc.
spacerspacer
spacer www.sun.com docs.sun.com |
spacer
black dot
 
 
  Previous   Contents   Next 
   
 
Chapter 7

Network Information Service (NIS) (Overview)

This chapter provides an overview of the Network Information Service (NIS).

NIS is a distributed naming service. It is a mechanism for identifying and locating network objects and resources. It provides a uniform storage and retrieval method for network-wide information in a transport-protocol and media-independent fashion.

This chapter covers the following topics.

NIS Introduction

By running NIS, the system administrator can distribute administrative databases, called maps, among a variety of servers (master and slaves). The administrator can update those databases from a centralized location in an automatic and reliable fashion to ensure that all clients share the same naming service information in a consistent manner throughout the network.

NIS was developed independently of DNS and has a slightly different focus. Whereas DNS focuses on making communication simpler by using machine names instead of numerical IP addresses, NIS focuses on making network administration more manageable by providing centralized control over a variety of network information. NIS stores information not only about machine names and addresses, but also about users, the network itself, and network services. This collection of network information is referred to as the NIS namespace.


Note - In some contexts machine names are referred to has host names or machine names. This discussion uses machine, but some screen messages or NIS map names might use host or machine.


NIS Architecture

NIS uses a client-server arrangement. NIS servers provide services to NIS clients. The principal servers are called master servers, and for reliability, they have backup, or slave servers. Both master and slave servers use the NIS information retrieval software and both store NIS maps.

NIS uses domains to arrange the machines, users, and networks in its namespace. However, it does not use a domain hierarchy; an NIS namespace is flat. Thus, this physical network:

would be arranged into one NIS domain:

An NIS domain cannot be connected directly to the Internet using just NIS. However, organizations that want to use NIS and also be connected to the Internet can combine NIS with DNS. You can use NIS to manage all local information and use DNS for Internet host lookup. NIS provides a forwarding service that forwards host lookups to DNS if the information cannot be found in an NIS map. The Solaris operating environment also allows you to set up the nsswitch.conf file so that hosts lookup requests go only to DNS, or to DNS and then NIS if not found by DNS, or to NIS and then DNS if not found by NIS. See Chapter 2, The Name Service Switch (Overview) for details.

NIS Machine Types

There are three types of NIS machines:

  • Master server

  • Slave servers

  • Clients of NIS servers

Any machine can be an NIS client, but only machines with disks should be NIS servers, either master or slave. Servers are also clients, typically of themselves.

NIS Servers

The NIS server does not have to be the same machine as the NFS file server.

NIS servers come in two varieties, master and slave. The machine designated as master server contains the set of maps that the system administrator creates and updates as necessary. Each NIS domain must have one, and only one, master server, which can propagate NIS updates with the least performance degradation.

You can designate additional NIS servers in the domain as slave servers. A slave server has a complete copy of the master set of NIS maps. Whenever the master server maps are updated, the updates are propagated among the slave servers. Slave servers can handle any overflow of requests from the master server, minimizing "server unavailable" errors.

Normally, the system administrator designates one master server for all NIS maps. However, because each individual NIS map has the machine name of the master server encoded within it, you could designate different servers to act as master and slave servers for different maps. To minimize confusion, designate a single server as the master for all the maps you create within a single domain. The examples in this chapter assume that one server is the master for all maps in the domain.

NIS Clients

NIS clients run processes that request data from maps on the servers. Clients do not make a distinction between master and slave servers, since all NIS servers should have the same information.

NIS Elements

The NIS naming service is composed of the following elements:

The NIS Domain

An NIS domain is a collection of machines which share a common set of NIS maps. Each domain has a domain name and each machine sharing the common set of maps belongs to that domain.

Any machine can belong to a given domain, as long as there is a server for that domain's maps in the same network. An NIS client machine obtains its domain name and binds to an NIS server as part of its boot process.

NIS Daemons

NIS service is provided by five daemons as shown in Table 7-1.

Table 7-1 NIS Daemons

Daemon

Function

ypserv

Server process

ypbind

Binding process

ypxfr

High speed map transfer

rpc.yppasswdd

NIS password update daemon

** See NOTE below.**

rpc.ypupdated

Modifies other maps such as publickey


Note - rpc.yppasswdd considers all shells that begin with an r to be restricted. This means that users who have a shell that begins with an r. For example, if you are in /bin/rksh, you are not allowed to change from that shell to another one. If you have a shell that begins with r but is not intended to be restricted as such, refer to Chapter 10, NIS Troubleshooting for the workaround.


NIS Utilities

NIS service is supported by nine utilities as shown in Table 7-2.

Table 7-2 NIS Utilities

Utility

Function

makedbm

Creates dbm file for an NIS map

ypcat

Lists data in a map

ypinit

Builds and installs an NIS database and initializes NIS client's ypservers list.

yppmatch

Finds a specific entry in a map

yppoll

Gets a map order number from a server

yppush

Propagates data from NIS master to NIS slave server

ypset

Sets binding to a particular server

ypwhich

Lists name of the NIS server and nickname translation table

ypxfr

Transfers data from master to slave NIS server

 
 
 
  Previous   Contents   Next