Sun Microsystems, Inc.
   
 

How to Set Up a Multihomed NIS+ Root Master Server

The procedure for setting up a multihomed NIS+ server is the same as for a single-interface server. The only difference is that more interfaces need to be defined in the hosts database (the /etc/hosts and /etc/inet/ipnodes files, and the NIS+ hosts and ipnodes tables). Once the host information is defined, use the nisclient and nisserver scripts to set up the multihomed NIS+ server. For information about setting up a multihomed replica server, see "How to Set Up Multihomed NIS+ Replica Servers".


Caution - When setting up a multihomed NIS+ server, the server's primary name must be the same as the nodename for the system. This is a requirement of both Secure RPC and nisclient.

  • Secure RPC relies on the nodename to create the netname for authentication.

  • nisclient relies on the primary name to create the credential for the client.

If these names are different, Secure RPC authentication will fail to work properly, causing NIS+ problems.


The following procedure shows how to set up an NIS+ root master server:

  1. On the root master, add the server host information into the /etc/hosts or /etc/inet/ipnodes file.

    For example, the /etc/hosts file for the hostA system with three Ethernet interfaces looks like this:

    127.0.0.1 localhost loghost
    192.168.10.x hostA hostA-10 hostA-le0
    192.168.11.y hostA hostA-11 hostA-le1
    192.168.12.z hostA hostA-12
     
  2. Set up the server as a multihomed NIS+ root server with nisserver.

    hostA# nisserver -r -d sun.com

    This example uses sun.com as the root domain name. Issue the nisserver command with the name of your own root domain.

    After completing the steps for setting up a multihomed NIS+ root server, the remainder of the setup is exactly the same as for a single-interface server.
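The caution above can be checked before nisserver is run. The following script is an added example, not part of the original Sun documentation: it confirms that every hosts entry mentioning the nodename lists it as the primary name. The function names and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): confirm that every hosts
# entry naming this system lists the nodename as its primary (first) name.

# check_primary_name HOSTS_FILE NODENAME   ("-" reads standard input)
# Prints "OK <count>" when every entry that mentions NODENAME has it first;
# prints "MISMATCH <address> <primary>" per offending entry and returns 1.
check_primary_name() {
    awk -v node="$2" '
        { sub(/#.*/, "") }                 # ignore comments
        NF < 2 { next }
        {
            hit = 0
            for (i = 2; i <= NF; i++) if ($i == node) hit = 1
            if (!hit) next                 # entry is for another host
            if ($2 == node) ok++
            else { bad++; print "MISMATCH", $1, $2 }
        }
        END {
            if (bad || !ok) exit 1         # wrong primary, or no entry at all
            print "OK", ok
        }' "$1"
}

# Constructed sample: the le1 interface lists an alias before the nodename.
sample_hosts_bad() {
    cat <<'EOF'
127.0.0.1    localhost loghost
192.168.10.5 hostA hostA-10 hostA-le0
192.168.11.6 hostA-11 hostA hostA-le1
192.168.12.7 hostA hostA-12
EOF
}

# Constructed sample with the layout the procedure calls for.
sample_hosts_good() { sample_hosts_bad | sed 's/hostA-11 hostA /hostA hostA-11 /'; }

# On a live system: check_primary_name /etc/hosts "$(uname -n)"
sample_hosts_bad | check_primary_name - hostA ||
    echo "primary name differs from nodename; fix before running nisserver"
```

Run the same check against /etc/inet/ipnodes if that file carries the server's entries.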

Populating NIS+ Tables

After the root master server has been configured, you can populate its standard NIS+ tables with name services information. This section shows you how to populate the root master server's tables with data from files or NIS maps using the nispopulate script with default settings. The script uses:

  • The domain created in the previous example (doc.com.)

  • System information files or NIS maps as the source of name services

  • The standard NIS+ tables: auto_master, auto_home, ethers, group, hosts, networks, passwd, protocols, services, rpc, netmasks, bootparams, netgroup, and aliases


Note - The shadow file's contents are merged with the passwd file's to create the passwd table when files are the tables' information source. No shadow table is created.


Prerequisites to Running nispopulate

Before you can run the nispopulate script:

  • View each local /etc file or NIS map from which you will load data. Make sure there are no spurious or incorrect entries. Make sure that the right data is in the correct place and format. Remove any outdated, invalid, or corrupt entries. You should also remove any incomplete or partial entries. You can always add individual entries after configuration is completed. That is easier than trying to load incomplete or damaged entries.

  • The information in the files must be formatted appropriately for the table into which it will be loaded. Chapter 9, Setting Up NIS+ Tables describes the format required for a text file to be transferred into its corresponding NIS+ table.

  • Make sure that domain and host names are different. Domains and hosts cannot have the same name. For example, if you have a sales domain you cannot have a machine named sales. Similarly, if you have a machine named home, do not create a domain named home. This caution also applies to subdomains; for example, if you have a machine named west, do not create a sales.west.myco.com subdomain.

  • Remove all dots and underscores in host names. NIS+ uses dots (periods) to delimit machine names from domains and parent domains from subdomains, so you cannot have a machine name containing a dot. You also cannot use underscores in host names, since DNS does not allow them. Before running the nispopulate script, you must eliminate any dots in your host names. You can convert host name dots to hyphens. For example, you cannot have a machine named sales.alpha. You can convert that name to sales-alpha.

  • If you are setting up a network for the first time, you may not have much network information stored anywhere. In that case, you first need to collect the information, then type it into the input file--which is essentially the same as an /etc file.

  • For safety's sake, you should make copies of the /etc files and use the copies to populate the tables instead of the actual ones. (This example uses files in a directory called /nisplusfiles, for instance.)

  • Edit four of the copied NIS table files, passwd, shadow, aliases, and hosts, for security problems, particularly items that you do not want distributed across the namespace. For example, you might want to remove the following lines from the copy of your local passwd file so that they are not made available across the namespace:

    root:x:0:1:0000-Admin(0000):/:/sbin/sh
    daemon:x:1:3:0000-Admin(0000):/:
    bin:x:3:5:0000-Admin(0000):/usr/bin:
    sys:x:3:3:0000-Admin(0000):/:
    adm:x:4:4:0000-Admin(0000):/var/adm:
    lp:x:78:9:0000-lp(0000):/usr/spool/lp:
    smtp:x:0:0:mail daemon user:/:
    uucp:x:5:5:0000-uucp(0000):/usr/lib/uucp:
    nuucp:x:7:8:0000-uucp (0000):/var/spool/uucppublic:/usr/lib/uucp/uucico
    listen:x:22:6:Network Admin:/usr/net/nls
    nobody:x:60000:60000:uid no body:/:
    noaccess:x:60002:60002:uid no access:/:

  • The domain must have already been configured and its master server must be running.

  • The domain's server must have sufficient disk space to accommodate the new table information.

  • You must be logged in as an NIS+ principal (a client with appropriate credentials) and have write permission to the NIS+ tables in the specified domain. In this example, you must be the user root on the machine master1.
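The file checks in the list above (local-only accounts in the passwd and shadow copies, and host names that NIS+ cannot load) can be scripted. This is an added example, not part of the original Sun documentation; the function names and sample data are constructed, and treating every label of the domain name as reserved for host names is an assumption that is stricter than the page's examples.

```shell
#!/bin/sh
# Added example (not from the original page): screen copied source files
# before nispopulate loads them. The account list is the page's sample list.
LOCAL_ONLY="root daemon bin sys adm lp smtp uucp nuucp listen nobody noaccess"

# filter_passwd: copy passwd or shadow lines from stdin to stdout, dropping
# the LOCAL_ONLY accounts (field 1 is the login name in both files).
filter_passwd() {
    awk -F: -v skip="$LOCAL_ONLY" '
        BEGIN { n = split(skip, a, " "); for (i = 1; i <= n; i++) drop[a[i]] = 1 }
        !($1 in drop)'
}

# check_hostnames DOMAIN: read hosts lines from stdin and report names that
# contain a dot or underscore, or that equal a label of DOMAIN (assumption:
# every label is treated as reserved). Returns 1 if anything is reported.
check_hostnames() {
    awk -v dom="$1" '
        BEGIN { n = split(dom, a, "."); for (i = 1; i <= n; i++) if (a[i] != "") label[a[i]] = 1 }
        { sub(/#.*/, "") }                 # ignore comments
        {
            for (i = 2; i <= NF; i++) {
                if ($i ~ /[._]/)      { print "BADCHAR", $i; bad = 1 }
                else if ($i in label) { print "DOMAIN-CLASH", $i; bad = 1 }
            }
        }
        END { exit bad + 0 }'
}

# Constructed sample input.
sample_passwd() {
    printf '%s\n' 'root:x:0:1:0000-Admin(0000):/:/sbin/sh' \
        'lp:x:78:9:0000-lp(0000):/usr/spool/lp:' \
        'alice:x:1001:10:Alice Example:/home/alice:/bin/ksh'
}
sample_hosts() {
    printf '%s\n' '127.0.0.1 localhost loghost' '192.168.10.5 hostA hostA-10' \
        '192.168.10.9 sales.alpha' '192.168.10.10 build_01' '192.168.10.11 west'
}

sample_passwd | filter_passwd
sample_hosts | check_hostnames sales.west.myco.com. ||
    echo "rename the hosts listed above before running nispopulate"
```

On a real system, run both functions against the copies in the staging directory (/nisplusfiles in this example), never against the live /etc files.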

Information You Need

If populating from files, you need:

  • The new NIS+ domain name

  • The path of the appropriately edited text files whose data will be transferred

  • Your root password

If populating from NIS maps, you need:

  • The new NIS+ domain name

  • The NIS domain name

  • The NIS server's name

  • The IP address of the NIS server

  • Your root password


Note - The NIS domain name is case-sensitive, while the NIS+ domain name is not.


 
 
 