Glossary (Name Services Configuration Guide)

Skip to ContentSun and Oracle Channel Sun How to Buy Log In

Name Services Configuration Guide

包含在

Solaris 2.4 System Administrator AnswerBook

尋找其他文件

熱門支援資源

以 PDF 格式下載這本書

access rights: The permissions assigned to classes of NIS+ principals that determine what operations they can perform on NIS+ objects: Read, Modify, Create or Destroy.
authentication: The determination of whether an NIS+ server can identify the sender of a request for access to the NIS+ namespace. Authenticated requests are divided into the authorization categories of Owner, Group, and World. Unauthenticated requests--the sender is unidentified, are placed in the Nobody category. Whether or not such a request is granted depends upon the access rights given to a particular category.
authorization: The determination of the access rights of a particular category of authenticated user. The categories are Owner, Group, World and Nobody. The possible rights a category could have are to read, modify, create and destroy an NIS+ object.
cache manager: The program that manages the local caches of NIS+ clients (NIS_DIR_CACHE), which are used to store location information about the NIS+ servers that support the directories most frequently used by those clients, including transport addresses, authentication information, and a time-to-live value.

client: (1) In the client-server model for file systems, the client is a machine that remotely accesses resources of a compute server, such as compute power and large memory capacity. (2) In the client-server model for window systems, the client is an application that accesses windowing services from a "server process." In this model, the client and the server can run on the same machine or on separate machines.
client-server model: A common way to describe network services and the model user processes (programs) of those services. Examples include the name-server/name-resolver paradigm of the domain name system (DNS) and file-server/file-client relationships such as NFS and diskless hosts. See also client.
coldstart file: The NIS+ file given to a client when it is initialized that contains sufficient information so that the client can begin to contact the master server in its home domain.
credentials: The authentication information about an NIS+ principal that the client software sends along with each request to an NIS+ server. This information verifies the identity of a user or machine.
data encrypting key: A key used to encipher and decipher data intended for programs that perform encryption. Contrast with key encrypting key.
data encryption standard (DES): A commonly used, highly sophisticated algorithm developed by the U.S. National Bureau of Standards for encrypting and decrypting data. See also SUN-DES-1.
decimal dotted notation: The syntactic representation for a 32-bit integer that consists of four 8-bit numbers written in base 10 with periods (dots) separating them. Used to represent IP addresses in the Internet as in: 192.67.67.20.
DES: See data encryption standard (DES).
directory cache: A local file used to store data associated with directory objects.

DNS: See domain name system.
DNS-forwarding: An NIS server or an NIS+ server with NIS compatibility set forwards requests it cannot answer to DNS servers.
DNS zones: Administrative boundaries within a network domain, often made up of one or more subdomains.
DNS zone files: A set of maps wherein the DNS software stores the names and IP addresses of all the workstations in a domain.
domain: (1) In the Internet, a part of a naming hierarchy. Syntactically, an Internet domain name consists of a sequence of names (labels) separated by periods (dots). For example, "tundra.mpk.ca.us." (2) In International Organization for Standardization's open systems interconnection (OSI), "domain" is generally used as an administrative partition of a complex distributed system, as in MHS private management domain (PRMD), and directory management domain (DMD).
domain name: The name assigned to a group of systems on a local network that share administrative files. The domain name is required for the network information service database to work properly. Se also domain.
domain name system (DNS): The network information service used in the Internet.
encryption key: See data encrypting key.
GID: See group ID.
group: A collection of users who are referred to by a common name. Determines a user's access to files. There are two types of groups: default user group and standard user group.

group ID: A number that identifies the default group for a user.
indexed name: A naming format used to identify an entry in a table.
internet: A collection of networks interconnected by a set of routers that enable them to function as a single, large virtual network.
Internet: (Note the capital "I") The largest internet in the world consisting of large national backbone nets (such as MILNET, NSFNET, and CREN) and a myriad of regional and local campus networks all over the world. The Internet uses the Internet protocol suite. To be on the Internet the user must have IP connectivity, for example, be able to Telnet to--or ping--other systems. Networks with only e-mail connectivity are not actually classified as being on the Internet.
Internet address: A 32-bit address assigned to hosts using TCP/IP. See decimal dotted notation.
IP: Internet protocol. The network layer protocol for the Internet protocol suite.
IP address: A unique number that identifies each host in a network.
key (column): An NIS+ table entry's data can be accessed from any column, regardless of that table's key.
key, encrypting: A key used to encipher and decipher other keys, as part of a key management and distribution system. Contrast with data encrypting key.
key server: A Solaris process that stores private keys.
mail exchange records: Files that contain a list of DNS domain names and their corresponding mail hosts.
mail hosts: A workstation that functions as an email router and receiver for a site.

master server: The server that maintains the master copy of the network information service database.
MIS: management information system
name resolution: The process of translating workstation/user names to addresses.
name server: Servers which run the DNS software and store the names and addresses of the workstations in the domain.
name service switch: A configuration file (/etc/nsswitch.conf) that defines the sources from which an NIS+ client can obtain its network information.
namespace: (1) DNS namespace--A collection of networked workstations that use the DNS software. (2) NIS namespace--A collection of non-hierarchical network information used by the NIS software. (3) NIS+ namespace--A collection of hierarchical network information used by the NIS+ software.
network information service (NIS): A distributed network information service containing key information about the systems and the users on the network. The NIS database is stored on the master server and all the slave servers.
network information service plus (NIS+): A distributed network information service containing hierarchical information about the systems and the users on the network. The NIS+ database is stored on the master server and all the replica servers.
network mask: A number used by software to separate the local subnet address from the rest of a given Internet protocol address.
NIS-compatibility mode: A configuration of NIS+ that allows NIS clients to have access to the data stored in NIS+ tables. When in this mode, NIS+ servers can answer requests for information from both NIS and NIS+ clients.

NIS domain: A master set of network information service (NIS) maps maintained on the NIS master server and distributed to that server's NIS slaves.
NIS maps: A file used by NIS that holds information of a particular type, for example, the password entries of all users on a network or the names of all host machines on a network. Programs that are part of the NIS service query these maps. See also network information service (NIS).
NIS+ object: The tables which store the NIS+ data when queried by NIS+ clients.
NIS+ principal: A client user or a client workstation whose credentials have been stored in the namespace. Any user or machine that can generate a request to a NIS+ server.
NIS+ tables: Database-like entities that maintain information about NIS+ entry objects on a local area network. The format in which NIS+ data is stored. NIS+ provides sixteen predefined or system tables. Each table stores a different type of information.
NIS+ transaction log: A file that contains data updates destined for the NIS+ tables about objects in the namespace. Changes in the namespace are stored in the transaction log until they are propagated to replicas. The transaction log is only cleared after all of a master server's replicas have been updated.
principal: See NIS+ principal
private key: The private component of a pair of mathematically generated numbers, which, when combined with a private key, generates the DES key. The DES key in turn is used to encode and decode information. The public key of the sender is only available to the owner of the key. Every user or machine has their own public and private key pair.

public key: The public component of a pair of mathematically generated numbers, which, when combined with a private key, generates the DES key. The DES key in turn is used to encode and decode information. The public key is available to all users and machines. Every user or machine has their own public and private key pair.
populate tables: Entering data into NIS+ tables either from files or from NIS maps.
remote procedure call (RPC): An easy and popular paradigm for implementing the client-server model of distributed computing. A request is sent to a remote system to execute a designated procedure, using arguments supplied, and the result is returned to the caller.
replica: NIS+ server that is a duplicate copy of the principal or master NIS+ server database. Replicas run NIS+ server software and maintain copies of NIS+ tables. A replica server increases the availability of NIS+ services.
reverse resolution: The process of converting workstation IP addresses to workstation names using the DNS software.
root domain: The topmost domain in a hierarchical namespace.
RPC: See remote procedure call (RPC).
server: (1) In the client-server model for file systems, the server is a machine with compute resources (and is sometimes called the compute server), and large memory capacity. Client machines can remotely access and make use of these resources. In the client-server model for window systems, the server is a process that provides windowing services to an application, or "client process." In this model, the client and the server can run on the same machine or on separate machines. (2) A daemon that actually handles the providing of files.

slave server: (1) A server system that maintains a copy of the network information service (NIS) database. It has a disk and a complete copy of the operating system. (2) Slave servers are called replicas in NIS+.
subnet: A working scheme that divides a single logical network into smaller physical networks to simplify routing.
table: A display of data in rows and columns.
TCP: See transport control protocol (TCP).
TCP/IP: Acronym for transport control protocol/interface program. The protocol suite originally developed for the Internet. It is also called the Internet protocol suite. SunOS networks run on TCP/IP by default.
transport control protocol (TCP): The major transport protocol in the Internet suite of protocols providing reliable, connection- oriented, full-duplex streams. Uses IP for delivery. See TCP/IP.