Sun Microsystems, Inc.
spacerspacer
spacer www.sun.com docs.sun.com |
spacer
black dot
 
 
   
 

System Administration Guide: Naming and Directory Services (FNS and NIS+)

 
 
 
Copyright
  Preface
  Part I About Naming and Directory Services
  1.  The Name Service Switch
About the Name Service Switch
Format of the nsswitch.conf File
Comments in nsswitch.conf Files
Keyserver and publickey Entry in the Switch File
The nsswitch.conf Template Files
The Default Switch Template Files
The nsswitch.conf File
Selecting a Different Configuration File
Modifying the name service switch
How to Enable an NIS+ Client to Use IPv6
Ensuring Compatibility With +/- Syntax
The Switch File and Password Information
  Part II NIS+ Setup and Configuration
  2.  NIS+: An Introduction
About NIS+
What NIS+ Can Do for You
How NIS+ Differs From NIS
NIS+ Security
Solaris 1.x Releases and NIS-Compatibility Mode
NIS+ Administration Commands
NIS+ API
Setup and Configuration Preparation
NIS and NIS+
NIS+ Files and Directories
Structure of the NIS+ Namespace
Directories
Domains
Servers
How Servers Propagate Changes
NIS+ Clients and Principals
Principal
Client
The Cold-Start File and Directory Cache
An NIS+ Server Is Also a Client
Naming Conventions
NIS+ Domain Names
Directory Object Names
Tables and Group Names
Table Entry Names
Host Names
NIS+ Principal Names
Accepted Name Symbols
NIS+ Name Expansion
NIS_PATH Environment Variable
Preparing the Existing Namespace
Two Configuration Methods
  3.  NIS+ Setup Scripts
  4.  Configuring NIS+ With Scripts
  5.  Setting Up the Root Domain
  6.  Configuring NIS+ Clients
  7.  Configuring NIS+ Servers
  8.  Configuring a Non-Root Domain
  9.  Setting Up NIS+ Tables
  Part III NIS+ Administration
  10.  NIS+ Tables and Information
NIS+ Table Structure
Columns and Entries
Search Paths
Ways to Set Up Tables
How Tables Are Updated
  11.  NIS+ Security Overview
  12.  Administering NIS+ Credentials
  13.  Administering NIS+ Keys
  14.  Administering Enhanced Security Credentials
  15.  Administering NIS+ Access Rights
  16.  Administering Passwords
  17.  Administering NIS+ Groups
  18.  Administering NIS+ Directories
  19.  Administering NIS+ Tables
  20.  Server-Use Customization
  21.  NIS+ Backup and Restore
  22.  Removing NIS+
  23.  Information in NIS+ Tables
  24.  NIS+ Troubleshooting
  Part IV FNS Setup, Configuration and Administration
  25.  Federated Naming Service (FNS)
FNS Quickstart
X/Open Federated Naming (XFN)
Why FNS?
Composite Names and Contexts
Composite Names
Contexts
Attributes
FNS and the Name Service Switch
Maintaining Consistency Between FNS and the Switch File
Namespace Updates
Enterprise Naming Services
NIS+
NIS
Files-Based naming files
Global Naming Services
FNS Naming Policies
Organization Names
Site Names
User Names
Host Names
Service Names
File Names
Getting Started
Designating a Non-Default Naming Service
Creating the FNS Namespace
NIS+ Considerations
NIS Considerations
Files Considerations
Browsing the FNS Namespace
Listing Context Contents
Displaying the Bindings of a Composite Name
Showing the Attributes of a Composite Name
Searching for FNS Information
Updating the Namespace
FNS Administration Privileges
Binding a Reference to a Composite Name
Removing Bindings
Creating New Contexts
Creating File Contexts
Creating Printer Contexts
Destroying Contexts
Working With Attributes
Federating a Global Namespace
Copying and Converting FNS Contexts
Namespace Browser Programming Examples
Listing Names Bound in a Context
Creating a Binding
Listing and Working Wtih Object Attributes
Searching for Objects in a Context
Setting Up FNS: An Overview
Determining Resource Requirements
Preparing the Namespace for FNS
Preparing the Namespace for FNS -- Task Map
How to Prepare NIS+ Service for FNS
How to Prepare NIS Service for FNS
Preparing Files-Based Naming for FNS
Creating Global FNS Namespace Contexts
Creating Global FNS Namespace Contexts -- Task Map
How to Create Namespace Contexts Under NIS+
How to Create Namespace Contexts Under NIS
How to Create Namespace Contexts Under Local Files
Replicating FNS Service
Replicating FNS Service -- Task Map
How to Replicate FNS Under NIS+
How to Replicate FNS Under NIS
How to Replicate FNS Under Files-Based Naming
FNS Administration, Problem Solving, and Error Messages
FNS Error Messages
DNS Text Record Format for XFN References
X.500 Attribute Syntax for XFN References
Object Classes
Creating Enterprise Level Contexts
Creating an Organization Context
All Hosts Context
Single Host Context
Host Aliases
All-Users Context
Single User Context
Service Context
Printer Context
Generic Context
Site Context
File Context
Namespace Identifier Context
Administering Enterprise Level Contexts
Displaying the Binding
Listing the Context
Binding a Composite Name to a Reference
Removing a Composite Name
Renaming an Existing Binding
Destroying a Context
Administering FNS: Attributes Overview
Examining Attributes
Searching for Objects Associated With an Attribute
Customizing Attribute Searches
Updating Attributes
Adding an Attribute
Deleting an Attribute
Listing an Attribute
Modifying an Attribute
Other Options
FNS and Enterprise-Level Naming Services
Choosing an Enterprise-Level Name Service
FNS and Naming Service Consistency
FNS and Solstice AdminSuite
Checking Naming Inconsistencies
Selecting a Naming Service
Default Naming Service
When NIS+ and NIS Coexist
Advanced FNS and NIS+ Issues
Mapping FNS Contexts to NIS+ Objects
Browsing FNS Structures Using NIS+ Commands
Checking Access Control
Advanced FNS and NIS Issues
NIS and FNS Maps and Makefiles
Large FNS Contexts
Printer Backward Compatibility
Migrating From NIS to NIS+
Advanced FNS and File-Based Naming Issues
FNS Files
Migrating From Files-Based Naming to NIS or NIS+
Printer Backward Compatibility
File Contexts Administration
Creating a File Context With fncreate_fs
Creating File Contexts With an Input File
Creating File Contexts With Command-line Input
Advanced Input Formats
Multiple Mount Locations
Variable Substitution
Backward Compatibility Input Format
Introduction to FNS and XFN Policies
What FNS Policies Specify
What FNS Policies Do Not Specify
Policies for the Enterprise Namespace
Default FNS Enterprise Namespaces
Enterprise Namespace Identifiers
Default FNS Namespaces
Significance of Trailing Slash
FNS Reserved Names
Composite Name Examples
Structure of the Enterprise Namespace
Enterprise Root
Using Three Dots to Identify the Enterprise Root
Using org// to Identify the Enterprise Root
Enterprise Root Subordinate Contexts
Initial Context Bindings for Naming Within the Enterprise
FNS and Enterprise Level Naming
How FNS Policies Relate to NIS+
How FNS Policies Relate to NIS
How FNS Policies Relate to Files-Based Naming
Target Client Applications of FNS Policies
FNS File System Namespace
NFS File Servers
The Automounter
The FNS Printer Namespace
Policies for the Global Namespace
Initial Context Bindings for Global Naming
Federating DNS
Federating X.500/LDAP
FNS Problems and Solutions
Cannot Obtain Initial Context
Nothing in Initial Context
"No Permission" Messages (FNS)
fnlist Does not List Suborganizations
Cannot Create Host- or User-related Contexts
Cannot Remove a Context You Created
Name in Use with fnunbind
Name in Use with fnbind/fncreate -s
fndestroy/fnunbind Does Not Return Operation Failed
Some Common Error Messages
  Part V Transitioning Between Naming Services
  26.  Transitioning from NIS to NIS+
Differences Between NIS and NIS+
Domain Structure
DNS, NIS, and NIS+ Interoperability
Server Configuration
Information Management
Security
Suggested Transition Phases
Transition Principles
Become Familiar With NIS+
Design Your Final NIS+ Namespace
Plan Security Measures
Decide How to Use NIS-Compatibility Mode
Implement the Transition
Planning the NIS+ Namespace: Identifying the Goals of Your Administrative Model
Designing the Namespace Structure
Domain Hierarchy
Designing a Domain Hierarchy
Domain Names
Email Environment
Determining Server Requirements
Number of Supported Domains
Number of Replica Servers
Server Speed
Server Memory Requirements
Server Disk Space Requirements
Determining Table Configurations
Differences Between NIS+ Tables and NIS Maps
Use of Custom NIS+ Tables
Connections Between Tables
Resolving User/Host Name Conflicts
Understanding the Impact of NIS+ Security
How NIS+ Security Affects Users
How NIS+ Security Affects Administrators
How NIS+ Security Affects Transition Planning
Selecting Credentials
Choosing a Security Level
Establishing Password-aging Criteria, Principles, and Rules
Planning NIS+ Groups
Planning Access Rights to NIS+ Groups and Directories
Planning Access Rights to NIS+ Tables
Protecting the Encrypted Passwd Field
Using NIS Compatibility Mode: An Introduction
Selecting Your NIS-Compatible Domains
Determining NIS-Compatible Server Configuration
Deciding How to Transfer Information Between Services
Deciding How to Implement DNS Forwarding
DNS Forwarding for NIS+ Clients
DNS Forwarding for NIS Clients Running under the Solaris 2 or Solaris 9 Operating Environment
NIS and NIS+ Command Equivalents in the Solaris 1, Solaris 2, and Solaris 9 Releases
NIS Commands Supported in the Solaris 2 and Solaris 9 Releases
Client and Server Command Equivalents
NIS and NIS+ API Function Equivalents
NIS-Compatibility Mode Protocol Support
Before You Transition to NIS+: Gauge the Impact of NIS+ on Other Systems
Train Administrators
Write a Communications Plan
Identify Required Conversion Tools and Processes
Identify Administrative Groups Used for Transition
Determine Who Will Own the Domains
Determine Resource Availability
Resolve Conflicts Between Login Names and Host Names
Examine All Information Source Files
Remove the "." from Host Names
Remove the "." from NIS Map Names
Document Your Current NIS Namespace
Create a Conversion Plan for Your NIS Servers
Implementing NIS+: An Introduction
Phase I-Set Up the NIS+ Namespace
Phase II-Connect the NIS+ Namespace to Other Namespaces
Phase III-Make the NIS+ Namespace Fully Operational
Phase IV-Upgrade NIS-Compatible Domains
  27.  Transitioning From NIS+ to LDAP
  A.  Error Messages
  Glossary
  Index