For the slave to be able to bound onto itself

1) ypinit -c
2) add both master and itself

List NIS servers with ypcat

ypcat -k ypservers
* make sure to use -k

When troubleshooting NIS, don't use ps -ef

because -f option translates UIDs into names by using name service
* use ps -e instead

Put only these four files in alternative location

1) passwd
2) shadow
3) security/passwd.adjunct
4) security/group.adjunct <- must exist to run make

If passwd files are not in /etc

must run script to sync /etc/passwd, /etc/shadow with $PWDIR/passwd, $PWDIR/shadow, and $PWDIR/security/passwd.adjunct

NIS passwd security (5)

1) mkdir /var/yp/etc/security ; chmod 700 security
2) cp /etc/shadow security/passwd.adjunct
remove all but usernames and colons
3) touch security/group.adjunct
4) chmod 600 *.adjunct
5) cd /var/yp ; /usr/ccs/bin/make

To change passwd on NIS

passwd -r nis

To test NIS slave

ypwhich -m
* shows master hostname next to maps

Steps for NIS client (5)

1) domainname SolarisCert
2) echo `domainname` > /etc/domainname
3) cp /etc/nsswitch.nis /etc/nsswitch.conf
4) ypinit -c
5) /usr/lib/netsvc/yp/ypstart

Steps for NIS slave (3)

1) NIS client
2) edit /var/yp/securenets
3) ypinit -s blade

Steps for NIS master (9)

1) domainname SolarisCert
2) echo `domainname` > /etc/domainname
3) mkdir /var/yp/etc
4) PWDIR=/var/yp/etc in /var/yp/Makefile
5) cp /etc/passwd /var/yp/etc/passwd ; cp /etc/shadow /var/yp/etc/shadow
Remove root and system accounts
6) cp /etc/nsswitch.nis /etc/nsswitch.conf
7) vi /var/yp/securenets
8) /usr/sbin/ypinit -m
9) configure /var/yp/etc/security/passwd.adjunct

When rerunning ypinit -m

"y" to destroying /var/yp/domainname dir

To have NIS as JumpStart server

/etc/locale :
SolarisCert C
* locale -a to list all

What directive from /var/yp/Makefile runs by default?

all:
* Every file must exist. "touch" them or delete from "all:"

Is NIS domain name case sensitive?

yes

What cluster installation can be an NIS server?

Entire Distribution
* Core, End User, and Developer do not have enough files

Do not create passwd map from /etc/passwd

system accounts (root) will be visible to clients

To change default passwd dir from /etc set

PWDIR in /var/yp/Makefile

To hide NIS passwords

configure $PWDIR/security/passwd.adjunct
* don't forget to "touch group.adjunct"

Restart NIS server services with

/usr/lib/netsvc/yp/ypstop
/usr/lib/netsvc/yp/ypstart

To limit access to NIS maps

/var/yp/securenets

NIS security file must have

/var/yp/securenets:
255.255.255.255 127.0.0.1
* otherwise, it won't bind onto itself

NIS default dir

/var/yp/

Services on NIS slave (2)

1) ypserv
2) ypbind

Services on NIS master (4)

1) ypserv
2) ypbind
3) rpc.yppasswdd - updates passwd map and pushes it to the slave
4) ypxfrd - listens for transfer requests from the slave

Display all entries in NIS passwd map

ypcat passwd

Display NIS passwd entry for sergey

ypmatch sergey passwd

What is my NIS server?

ypwhich
* ypwhich -m lists all maps