Solaris Advanced System Administrator's Guide, Second Edition:Setting Up NIS+ Clients

Steps for Setting Up an NIS+ Client

This section provides the steps needed for setting up an NIS+ client after the client credentials have been created on the master server. You need the name of the master server, the domain name, and the superuser password for the client system in order to perform the steps in this section. Follow these steps to set up an NIS+ client:

1. Make sure that credentials for the client system have been added to the master server. To verify the values in the Cred table, type nisgrep hostname cred.org_dir and then press Return.

2. Become the superuser on the client system.

3. Follow these steps if you need to assign a new domain name to the client system. If the domain name for the client system is correct, skip to Step 4.

• Type domainname domainname and then press Return. You have changed the name of the domain for the client system. Note that you do not include a dot (.) at the end of the domain name. In this example, the domain name is changed to esg.eng.sun.com:

  # domainname esg.eng.sun.com
  #

• Type domainname and then press Return. The current domain name is displayed. Check to make sure you entered it correctly. If you need to make any changes, redo the previous step.

  # domainname
  esg.eng.sun.com

• Type domainname>/etc/defaultdomain and then press Return. You have redirected the domain name into the /etc/defaultdomain file so that the proper domain name is used when the system is rebooted. To ensure that all processes use the new domain name, you must reboot the system at some point.

4. Type more /etc/nsswitch.conf and then press Return. The contents of the default /etc/nsswitch.conf file are displayed. You want to use the NIS+ version of the nsswitch.conf file. If the /etc/nsswitch.conf file on the client system looks like the following example, skip to Step 7.

   # more /etc/nsswitch.conf
   #
   # /etc/nsswitch.nisplus:
   #
   # An example file that could be copied over to
     /etc/nsswitch.conf; it
   # uses NIS+ (NIS Version 3) in conjunction with files.
   #
   # "hosts:" and "services:" in this file are
     used only if the /etc/netconfig
   # file contains "switch.so" as a nametoaddr library for
     "inet" transports.

   # the following two lines obviate the "+" entry in
     /etc/passwd and /etc/group.
   passwd:     files nisplus
   group:      files nisplus

   # consult /etc "files" only if nisplus is down.
   hosts:      nisplus [NOTFOUND=return] files
   #Uncomment the following line, and comment out the above, to use
    both DNS and NIS+
   #hosts:      nisplus dns [NOTFOUND=return] files

   services:   nisplus [NOTFOUND=return] files
   networks:   nisplus [NOTFOUND=return] files
   protocols:  nisplus [NOTFOUND=return] files
   rpc:        nisplus [NOTFOUND=return] files
   ethers:     nisplus [NOTFOUND=return] files
   netmasks:   nisplus [NOTFOUND=return] files
   bootparams: nisplus [NOTFOUND=return] files

   publickey:  nisplus

   netgroup:   nisplus
   automount:  files nisplus
   aliases:    files nisplus

5. If you need to change to the NIS+ /etc/nsswitch.conf file, type cp /etc/nsswitch.nisplus /etc/nsswitch.conf and then press Return.

6. If the system was configured as an NIS+ server or client, you need to remove any files in the /var/nis directory and kill the cache manager.

• Type ls /var/nis and then press Return.

• If any files exist, type rm -rf /var/nis/* and then press Return.

• Type ps -ef | grep nis_cachemgr and then press Return. Take note of the PID for nis_cachemgr. You use it in the next step.

• Type kill PID and then press Return. In this example, the client system already has a coldstart file and a directory cache file:

  # ls /var/nis
  NIS_COLD_START     NIS_SHARED_CACHE
  # rm -rf /var/nis/*
  # ps -ef | grep nis_cachemgr
     root 295  26Ø 1Ø 15:26:58 pts/Ø  Ø:ØØ grep nis_cachemgr
     root 286   1 57 15:21:55 ?  Ø:Ø1 /usr/sbin/nis_cachemgr
  # kill 286
  #

7. Type nisinit -cH master-server and then press Return. The initialization should take only a few seconds. In the following example, oak is the master server. If this step does not work, check to make sure that the master server name and IP address are in the /etc/hosts file. In this example, the initialization is successful.

  # nisinit -cH oak
  This machine is in the ESG.Eng.sun.COM. NIS+ domain.
  Setting up NIS+ client ...
  All done.
  #

8. Type ps -ef | grep keyserv and then press Return. Take note of the process ID for the keyserv daemon. You use it in the next step.

9. Type kill PID and then press Return. You have killed the keyserv daemon.

10. Type keyserv and then press Return. You have restarted the keyserv daemon so that it re-reads the public key entry in the /etc/nsswitch.conf file, as shown in the following example:

  # ps -ef | grep keyserv
  root 145     1 67 16:34:44  ?  keyserv
  # kill 145
  # keyserv
  #

11. Type keylogin -r and then press Return.

12. When prompted, type the root password for the client system. This password must be the same one that created the client's DES credentials. The password decrypts the client's private key and is stored in the /etc/.rootkey file.

  client1# keylogin -r
  Password: <enter-root-password>
  Wrote secret key into /etc/.rootkey

13. Type init 6 and then press Return. The system is rebooted and the NIS+ configuration is complete.

Table of Contents