Solaris NIS configuration

Solaris NIS configuration

Notes from /usr/lib/netsvc/yp/ypstart:

# When to start ypserv :
#       The value of $domain is non-null *and*
#       The directory /var/yp/$domain exists *and*
#       There is an executable ypserv in $YPDIR
#
# When to start ypbind :
#       The value of $domain is non-null *and*
#       There is an executable ypbind in $YPDIR *and*
#       The directory /var/yp/binding/$domain exists.

NIS client configuration

1. Run domainname to see if an NIS domainname is returned. If a value is not returned, run domainname NIS_domainname and create /etc/defaultdomain containing the name of the NIS domainname.

2. Create a directory named /var/yp/binding/`domainname` if one does not already exist.

3. If you want the NIS client to broadcast for a NIS server (note: there must be a NIS server on your subnet), start NIS with /usr/lib/netsvc/yp/ypstart. If you want to manually specify one or more NIS server(s) to use, run ypinit -c and then /usr/lib/netsvc/yp/ypstart. Note that each manually specified NIS server must have an entry in /etc/hosts.

4. Modify the name service switch file (/etc/nsswitch.conf) to use the NIS databases. You may want to copy /etc/nsswitch.nis over /etc/nsswitch.conf. Make sure to modify the "hosts:" line in /etc/nsswitch.conf if you want to use DNS for hostname resolution:

hosts:      dns nis files

NIS slave configuration

1. Run /usr/sbin/ypinit -s NIS_master to transfer the NIS maps from the NIS master to the NIS slave. NIS_master must be present in /etc/hosts.

2. Edit /var/yp/binding/`domainname`/ypservers and add the hostname of the NIS slave to ensure that ypbind binds to the local host.

3. Stop and restart NIS services via /usr/lib/netsvc/yp/ypstop and /usr/lib/netsvc/yp/ypstart

Miscellaneous NIS notes

The NIS line length limit is 1024 characters.

Starting NIS:
/usr/lib/netsvc/yp/ypstart

Stopping NIS:
/usr/lib/netsvc/yp/ypstop

To stop NIS at system boot, remove the file /etc/defaultdomain.

NIS troubleshooting:
If NIS appears to hang when pushing maps from the NIS master to NIS slave servers, check the contents of /var/yp/ypxfr.log. "touch" the file if it is not created.

"Create clnt failure: RPC: Program not registered"
If you receive this error when attempting to change a user's password, the rpc.yppasswdd daemon is not running on the NIS master server. It is located in /usr/lib/netsvc/yp
More information: http://www.netsys.com/sunmgr/1998-08/msg00030.html

"passwd (NIS): Couldn't change passwd/attributes for user"
The rpc.yppasswdd daemon is probably running, but it is not pointing to the directory containing the NIS maps. By default, rpc.yppasswdd looks for NIS maps in /var/yp. If NIS maps are in /var/yp/maps, for example, use the following command to start rpc.yppasswdd:
/usr/lib/netsvc/yp/rpc.yppasswdd -D /var/yp/maps
More information:
http://aa11.cjb.net/sun_managers/2000/01/msg00160.html

"No response from ypxfr on host"
Check /var/yp/ypxfr.log. It is possible that the /var file system on the remote host is full.
Thu May 31 10:33:16: Transferred map ypservers from host (2 entries).
write: No space left on device

Maps are pushed from the master server to the slave servers via the make utility and the NIS Makefile located in /var/yp. Maps are pulled from the master server via the ypxfr utility.

Push maps from master server:
cd /var/yp
make

List NIS maps:
ypcat -x
-- or --
ypwhich -x

List of NIS servers:
ypcat ypservers

Which NIS server are you bound to?
ypwhich

Forcing ypbind to use a particular NIS server:
/usr/lib/netsvc/yp/ypbind -ypsetme
ypset NIS_server
ypwhich (to confirm NIS server)

Master and slave servers are distinguished by their ability to effect permanent changes to NIS maps. Changes may be made to an NIS map on a slave server, but the next map transfer from the master will overlay this change.