Skip to ContentSun and Oracle Channel Sun How to Buy Log In

NIS+ and DNS Setup and Configuration Guide

Contained Within

Solaris 2.5 System Administrator AnswerBook

Find More Documentation

Featured Support Resources

Download this book in PDF

Setting Up the Name Service Switch

9

This section provides step-by-step instructions for using the name service switch.

*Selecting an Alternate Configuration File*	*page 143*
*Enabling an NIS+ Client to Use DNS*	*page 145*
*Adding Compatibility With +/- Syntax*	*page 146*

Note - It is much easier to perform this task with the NIS+ installation scripts as described Part 1 than with the NIS+ command set as described here. The methods described in this chapter should be used only by those administrators who are very familiar with NIS+ and who require some nonstandard features or configurations not provided by the installation scripts.

For information on customizing or modifying an nsswitch.conf file, see NIS+ and FNS Administration Guide.

Selecting an Alternate Configuration File

This section describes how to select an alternate switch-configuration file for an NIS+ client. Make sure the sources listed in the file are properly set up. In other words, if you are going to select the NIS+ version, the client must eventually have access to NIS+ service; if you are going to select the local files version, those files must be properly set up on the client.

Here is a list of the steps:

Logging in as superuser to the client.
Copying the alternate file over the nsswitch.conf file.
Rebooting the workstation now. (This is necessary because nscd caches the switch information which it reads only at start up.)

Security Considerations

You must perform this operation as superuser.

· How to Select an Alternate Configuration File

Log in as superuser to the client.
Copy the alternate file over the nsswitch.conf file. The /etc/nsswitch.conf file is the working configuration file used by the name service switch. Also in the /etc directory are three alternate versions of the file: one for NIS+, one for NIS, and one for local files. To select one, simply copy it over the working file. Of course, you can create additional alternates. Here are four examples:
NIS+ version


  client1# cd /etc  
  client1# cp nsswitch.nisplus nsswitch.conf

NIS version


  client1# cd /etc  
  client1# cp nsswitch.nis nsswitch.conf

Local files version


  client1# cd /etc  
  client1# cp nsswitch.files nsswitch.conf

Custom version


  client1# cd /etc  
  client1# cp nsswitch.custom nsswitch.conf

Reboot the workstation now.
Because the nscd name service cache daemon caches switch information and some library routines do not periodically check the nsswitch.conf file to see whether it has been changed, you must reboot the workstation to make sure that the daemon and those routines have the latest information in the file.

Enabling an NIS+ Client to Use DNS

This section describes how to set up the name service switch configuration file so that an NIS+ client can also use the Domain Name System (DNS). Here is a list of the steps:

Logging in as superuser.
Opening the /etc/nsswitch.conf file.
Specifying DNS as a source of hosts information.
Saving the file and reboot the workstation.

Prerequisites

The NIS+ client must have a properly configured /etc/resolv.conf file (as described in "Creating the resolv.conf File" on page 167).

Security Considerations

You must perform this operation as superuser.

· How to Enable an NIS+ Client to Use DNS

Log in as superuser.
Open the /etc/nsswitch.conf file.

Specify DNS as a source of hosts information.
DNS can be the only source or an additional source for the hosts information. Locate the hosts line and use dns in one of the ways shown below:


  hosts:   nisplus dns [NOTFOUND=return] files  
  or  
  hosts:   files dns

Do not use the above syntax for NIS clients, since it will make them look for unresolved names twice in DNS. If you have NIS servers doing DNS forwarding, use the -B flag.

Save the file and reboot the workstation.
Because the nscd daemon caches this information, which it reads at start up, you must reboot the workstation now.

Adding Compatibility With +/- Syntax

This task describes how to add compatibility with the +/- syntax used in /etc/passwd, /etc/shadow, and /etc/group files. Here is a list of the steps:

Logging in as superuser.
Opening the /etc/nsswitch.conf file.
Changing the passwd and group sources to compat.
Adding + or + netgroup to /etc/passwd, /etc/shadow and /etc/group.
Saving the file and reboot the workstation.

Security Considerations

You must perform this operation as superuser.

Note - Users working on a client machine being served by a NIS+ server running in compatibility mode cannot run ypcat on the netgroup table. Doing so will give you results as if the table were empty even if it has entries.

· How to Add DNS Compatibility With +/- Syntax

Log in as superuser.
Open the /etc/nsswitch.conf file.
Change the passwd and groups sources to compat.


  passwd: compat  
  group:  compat

This provides the same syntax as in the Solaris 1.x release: it looks up /etc files and NIS maps as indicated by the +/- entries in the files.

If you would like to use the +/- semantics with NIS+ instead of NIS, add a passwd_compat: nisplus entry to the nsswitch.conf file after the passwd or group entry, as shown below:


  passwd: compat  
  passwd_compat: nisplus  
  group:  compat  
  group_compat: nisplus

Add + or + netgroup to /etc/passwd, /etc/shadow and /etc/group.

Caution - If you fail to add the + or + netgroup entries to /etc/shadow and /etc/passwd, you won't be able to log in.

Save the file and reboot the workstation.
Because some library routines do not periodically check the nsswitch.conf file to see whether it has been changed, you must reboot the workstation to make sure those routines have the latest information in the file.