Learn how to configure NIS/NIS+ servers
Discover the role of NIS/NIS+ in enterprise networks
Find a reference for commonly used NIS/NIS+ commands
In Chapter 26, we introduced the notion of a naming service. Solaris 9 supports NIS+, which is an improved version of the NIS, the Network Information Service, which was popular with Solaris 1. However, NIS/NIS+ will eventually be deprecated in favor of the Lightweight Directory Access Protocol (LDAP), which is an industry standard. NIS+ is comprised of a centralized repository of information about hosts, networks, services, and protocols on a local area network. This information is physically stored in a set of maps that are intended to replace the network configuration files usually stored in a server’s /etc directory. The set of all maps on a NIS+ network is known as a namespace, supporting large networks of up to 10,000 hosts where responsibilities can be delegated to local servers. NIS+ improves on standard NIS by allowing enhancements to authentication processes, combined with sophisticated resource authorization. This allows NIS+ namespaces to exist over public networks like the Internet without risk of data loss or interception, with the caveat that NIS+ relies on the relatively weak DES encryption algorithm.
In this chapter, we will examine the processing of setting up a NIS+ server and highlight the differences between NIS+ and NIS, and between NIS+ and other naming services like DNS. In fact, many sites will choose to run DNS alongside NIS+, which is also possible. In addition, we will review the role and configuration of primary and slave servers, and walk through the installation of NIS+ using the script method.