Naming and Directory Services (Overview)
This chapter provides an overview of what namespaces and naming services are and what they do. This chapter also briefly describes the Solaris naming services: DNS, NIS, NIS+, and LDAP. See System Administration Guide: Naming and Directory Services (FNS and NIS+) for detailed information about NIS+ and FNS.
What Is a Naming Service?
Naming services store information in a central place, which enables users, machines, and applications to communicate across the network. This information can include the following.
Machine (host) names and addresses
User names
Passwords
Access permissions
Group membership, printers, and so on
Without a central naming service, each machine would have to maintain its own copy of this information. Naming service information can be stored in files, maps, or database tables. Centrally locating this data makes it easier to administer large networks.
Naming services are fundamental to any computing network. Among other features, naming services provide functionality that does the following.
Associates (binds) names with objects
Resolves names to objects
Removes bindings
Lists names
Renames
A network information service enables machines to be identified by common names instead of numerical addresses. This makes communication simpler because users do not have to remember and try to enter cumbersome numerical addresses like 192.168.00.00.
For example, take a network of three machines named pine, elm, and oak. Before pine can send a message to either elm or oak, it must know their numerical network addresses. For this reason, it keeps a file, /etc/hosts or /etc/inet/ipnodes, that stores the network address of every machine in the network, including itself.
Likewise, in order for elm and oak to communicate with pine or with each other, they must keep similar files.
In addition to addresses, machines store security information, mail data, information about their Ethernet interfaces, network services, groups of users allowed to use the network, services offered on the network, and so on. As networks offer more services, the list grows. As a result, each machine might need to keep an entire set of files similar to /etc/hosts or /etc/inet/ipnodes.
As this information changes, administrators must keep it current on every machine in the network. In a small network, this is tedious. On a medium or large network, the job becomes not only time-consuming but nearly unmanageable.
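The drift problem described above can be made concrete with a short check over the per-machine copies. This is an added example, not part of the original guide; the file contents, addresses, and the function names parse_hosts and find_drift are constructed for illustration.

```python
# Constructed sample data: three machines' private copies of /etc/hosts.
# Addresses and contents are illustrative, not taken from the guide.
SAMPLE_HOSTS = {
    "pine": """\
127.0.0.1      localhost
192.168.10.1   pine
192.168.10.2   elm
192.168.10.3   oak
""",
    "elm": """\
127.0.0.1      localhost
192.168.10.1   pine
192.168.10.2   elm
192.168.10.30  oak   # stale: oak was renumbered, this copy was missed
""",
    "oak": """\
127.0.0.1      localhost
192.168.10.1   pine
192.168.10.3   oak   # elm was never added to this copy
""",
}


def parse_hosts(text):
    """Parse hosts-file text into {name: address}, keeping the first entry per name."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank, comment-only, or malformed line
        addr, names = fields[0], fields[1:]
        for name in names:
            table.setdefault(name.lower(), addr)
    return table


def find_drift(copies):
    """Return {name: {machine: address or None}} for names the copies disagree on."""
    tables = {machine: parse_hosts(text) for machine, text in copies.items()}
    drift = {}
    for name in sorted(set().union(*tables.values())):
        view = {machine: table.get(name) for machine, table in tables.items()}
        if len(set(view.values())) > 1:
            drift[name] = view
    return drift


if __name__ == "__main__":
    for name, view in find_drift(SAMPLE_HOSTS).items():
        print(f"{name}: {view}")
```

A name that resolves differently depending on which machine is asked is both an operational fault and a security concern, since traffic intended for one host can end up at another address.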
A network information service solves this problem. It stores network information on a server, which provides the information to any machine that queries it.
The machines are known as clients of the server. The following figure illustrates the client-server arrangement. Whenever information about the network changes, instead of updating each client's local file, an administrator updates only the information stored by the network information service. This reduces errors, inconsistencies between clients, and the sheer size of the task.
This arrangement, of a server providing centralized services to clients across a network, is known as client-server computing.
Although the main purpose of a network information service is to centralize information, another is to simplify network names. For example, assume your company has set up a network and connected it to the Internet. The Internet has assigned your network the network number 192.68.0.0 and the domain name doc.com. Your company has two divisions, Sales and Manufacturing (Manf), so its network is divided into a main net and two subnets, one for each division. Each net has its own address.
Each division could be identified by its network address, as shown above, but descriptive names made possible by naming services would be preferable.
Instead of addressing mail or other network communications to 129.44.1.0, they could be addressed to doc. Instead of addressing them to 192.68.2.0 or 192.68.3.0, they could be addressed to sales.doc or manf.doc.
Names are also more flexible than physical addresses. Physical networks tend to remain stable, but the organizations that use them tend to change. A network information service can act as a buffer between an organization and its physical network, as it is mapped and not hard-wired to it.
For example, assume that the doc.com network is supported by three servers, S1, S2, and S3, and that two of those servers, S1 and S3, support clients.
Clients C1, C2, and C3 would obtain their network information from server S1. Clients C4, C5, and C6 would obtain it from server S3. The resulting network is summarized in the following table. (The table is a generalized representation of that network but does not resemble an actual network information map.)
Table 1-1 Representation of doc.com Network
Network Address | Network Name | Server | Clients |
---|---|---|---|
192.68.1.0 | doc | S1 | |
192.68.2.0 | sales.doc | S2 | C1, C2, C3 |
192.68.3.0 | manf.doc | S3 | C4, C5, C6 |
Now assume that you create a third division, Testing, which borrowed some resources from the other two divisions, but did not create a third subnet. The physical network would then no longer parallel the corporate structure.
Traffic for the Test Division would not have its own subnet, but would instead be split between 192.68.2.0 and 192.68.3.0. However, with a network information service, the Test Division traffic could have its own dedicated network.
Thus, when an organization changes, its network information service can change its mapping as shown here.
Now clients C1 and C2 would obtain their information from server S2 and C3, C4 and C5 from server S3.
Subsequent changes in your organization would continue to be accommodated by changes to the "soft" network information structure without reorganizing the "hard" network structure.
Solaris Naming Services
The Solaris operating environment provides the following naming services.
DNS, the Domain Name System (see "DNS")
/etc files, the original UNIX naming system (see "/etc Files")
NIS, the Network Information Service (see "NIS")
NIS+, the Network Information Service Plus (see System Administration Guide: Naming and Directory Services (FNS and NIS+))
FNS, the Federated Naming Service (see System Administration Guide: Naming and Directory Services (FNS and NIS+))
Most modern networks use two or more of these services in combination. When more than one service is used, they are coordinated by the nsswitch.conf file, which is discussed in Chapter 2, The Name Service Switch (Overview).