Naming Services

Naming Services

Every computer connected to the Internet must have an IP address, which identifies it uniquely within the network. For example, is the IP address of the web server at Sun. IP addresses are difficult for humans to remember, and they don’t adequately describe the network on which a host resides. Thus, by examining the fully qualified domain name (FQDN) of—it’s immediately obvious that the host, www, lies within the domain. The mapping between human-friendly domain names and machine-friendly IP addresses is performed by a distributed naming service known as the Domain Name Service (DNS). DNS is the standard protocol used by UNIX systems (and other operating systems) for mapping IP addresses to hostnames, and vice versa.

Although Solaris provides complete support for DNS, it uses its own domain management and naming system, known as the Network Information Service (NIS). NIS is not only responsible for host naming and management, but it is a comprehensive resource management solution that can be used to structure and administer groups of local and remote users.

NIS uses a series of maps to create namespace structures. Sometimes administrators ask why this extra effort is required to manage hosts and naming, because DNS already provides this for Internet hosts by converting computer-friendly IP addresses to human-friendly “names.” However, NIS does not just provide naming services; a NIS server also acts as a central repository of all information about users, hosts, Ethernet addresses, mail aliases, and supported Remote Procedure Call (RPC) services within a network. This information is physically stored in a set of maps that are intended to replace the network configuration files usually stored in a server’s /etc directory, ensuring that configuration data within the local area network (LAN) is always synchronized. Many large organizations use NIS alongside DNS to manage both their Internet and LAN spaces effectively. Linux also supports NIS.

In the past, Sun introduced an enhanced version of NIS known as NIS+. Instead of a simple mapping system, it uses a complex series of tables to store configuration information and hierarchical naming data for all networks within an organization. Individual namespaces may contain up to 10,000 hosts, with individual NIS+ servers working together to support a completely distributed service. NIS+ also includes greater capabilities in the area of authentication, security (using DES encryption), and resource access control.

Recently, Solaris has begun a transition to Lightweight Directory Access Protocol (LDAP) directory services as an alternative source of authoritative information for naming, identification, and authentication. LDAP is based on the original Directory Access Protocol (DAP), which provided X.500-type services for centralized directory lookups. Like NIS and NIS+, LDAP performs lookups, given a token, and returns a result. However, the query is much more generalized than what can be returned from NIS or NIS+: text, sounds, and graphics can all be associated with an entry in the directory.

LDAP does not provide any kind of programmatic query language, like SQL, to query the directory, so its use is still limited. However, because it works directly over TCP/IP, and it can support directory services for clients on different operating systems, LDAP is often viewed as the future central naming and directory service for Solaris.

Part I: Solaris 9 Operating Environment, Exam I