How to Set Up Multihomed NIS+ Replica Servers
The procedure for setting up a multihomed NIS+ server is the same as setting up a single interface server. The only difference is that there are more interfaces that need to be defined in the hosts database (/etc/hosts and /etc/inet/ipnodes files, and NIS+ hosts and ipnodes tables). Once the host information is defined, use the nisclient and nisserver scripts to set up the multihomed NIS+ server.
Caution - When setting up a multihomed NIS+ server, the server's primary
name must be the same as the nodename for the system. This is a requirement
of both Secured RPC and nisclient.
Secured RPC relies on the nodename to create the netname for authentication.
nisclient relies on the primary name to create the credential for the client.
This procedure shows how to set up any NIS+ non-root master servers. The following example creates a replica for the root domain. For information about setting up a multihomed root server, see "How to Set Up a Multihomed NIS+ Root Master Server".
Add the server host information into the hosts or ipnodes file.
For example, for the hostB system with three interfaces:
192.168.11.y hostB hostB-11 192.168.12.x hostB hostB-12 192.168.14.z hostB hostB-14
On the root master server, use either nispopulate or nisaddent to load the new host information into the hosts or ipnodes table.
For example:
hostA# nispopulate -F -d sun.com hosts
where the example shows sun.com as the NIS+ root domain name. Issue the nispopulate command specifying the name of your NIS+ root domain name.
On the root master server, use the nisclient script to create the credential for the new client.
hostA# nisclient -c -d sun.com hostB
where the example shows sun.com as the root domain name. Issue the nisclient command specifying the name of your root domain name.
On the non-root master server, use nisclient to start the new server if it is not already running and initialize the machine as an NIS+ client.
For example:
hostB# nisclient -i -d sun.com
where the example shows sun.com as the root domain name. Issue the nisclient command specifying the name of your root domain name.
On the root master server, use nisserver to create a non-root master.
hostA# nisserver -M -d eng.sun.com -h hostB.sun.com.
where the example shows eng.sun.com as the NIS+ domain name and hostB.sun.com as the fully-qualified hostname for the NIS+ server. Issue the nisserver command specifying the name of your NIS+ domain and the fully-qualified hostname for the NIS+ server.
On the root master server, use nisserver to set up a replica server.
For example:
hostA# nisserver -R -d sun.com -h hostB.sun.com.
where the example shows sun.com as the replica server and hostB.sun.com as the fully-qualified hostname for the NIS+ server. Issue the nisserver command specifying the name of your replica server and NIS+ domain.
After completing the steps for setting up a multihome NIS+ replica server, the remainder of the setup is exactly the same as for a single interface server.
Creating a Subdomain
This section shows you how to create the master server of a new non-root domain. The new domain will be a subdomain of the doc.com. domain. The hierarchical structure of NIS+ allows you to create a domain structure that parallels your organizational structure.
This example shows the machine client2 being converted to the master server of a new domain called sub.doc.com.. This procedure uses the NIS+ script nisserver.
Prerequisites to Running nisserver
Before you can run nisserver to create a master server for a new non-root domain:
The parent domain must already have been configured and its master server must be running.
The parent domain's tables must be populated. (At a minimum, the hosts table must have an entry for the new client machine.)
You must have initialized the new client machine in the parent domain.
You must have started rpc.nisd on the client.
You must have adequate permissions to add the new domain. In this case, you must be logged in as root on the parent master server. In this example, the parent master machine is named master1.
Information You Need
You need:
A name for the new non-root domain--the name of the new domain includes the name of the parent domain with this syntax: newdomain.rootdomain.
The client machine name (client2, in this example)
The superuser password for the parent master server
In "How to Create a New Non-Root Domain", the new non-root domain is called sub.doc.com..
Note - In Solaris release 2.6 and earlier, any NIS+ client can be converted to an NIS+ master server as long as it is itself in a domain above the domain it is serving. For example, an NIS+ client in domain sales.doc.com. can serve domains below it in the hierarchy, such as west.sales.doc.com. or even alameda.west.sales.doc.com.. This client cannot, however, serve the domain doc.com., because doc.com. is above the domain sales.doc.com. in the hierarchy. Root replicas are the only exception to this rule. They are clients of the domain that they serve.
Note - In Solaris release 7, the domainname of any non-root NIS+ server can be set to the domain it serves. The non-root server behaves as if it lives in its own domain. This allows you to configure applications on the non-root server to use the information provided by the domain above it in the hierarchy.
The non-root server's credentials must still be in the domain above it in the hierarchy. Configure the non-root servers as described in "How to Create a New Non-Root Domain". Only after the servers are properly configured, can you change the domainname to that of the domain it serves. See the -k option of nisinit and the -d option of nisserver.
How to Create a New Non-Root Domain
Type the following command as superuser (root) on the NIS+ domain's root master server to create a new non-root domain master server.
The -M option indicates that a master server for a new non-root domain should be created. The -d option specifies the new domain name, sales.doc.com. in this instance. The -h option specifies the client machine, (client2, in this example), that will become the master server of the new domain.
master1# nisserver -M -d sales.doc.com. -h client2 This script sets up a non-root NIS+ master server for domain sales.doc.com. Domain name : sales.doc.com. NIS+ server : client2 NIS+ group : admin.sales.doc.com. NIS (YP) compatibility : OFF Security level : 2=DES Is this information correct? (type 'y' to accept, 'n' to change)
Master servers of new non-root domains are created with the same set of default values as root servers. See "How to Create a Root Master Server" for more information on NIS+ group, NIS compatibility, and security level.
Type y to continue.
Typing n causes the script to prompt you for the correct information. (See "How to Change Incorrect Information" for what you need to do if you type n.)
Is this information correct? (type 'y' to accept, 'n' to change) y This script sets up machine "client2" as an NIS+ non-root master server for domain sales.doc.com. Do you want to continue? (type 'y' to continue, 'n' to exit this script)
Type y to continue.
Typing n safely exits the script. The script exits on its own if rpc.nisd is not running on the client machine.
Do you want to continue? (type 'y' to continue, 'n' to exit this script) y running nissetup ... org_dir.sales.doc.com. created groups_dir.sales.doc.com. created ... ... setting NIS+ group admin.sales.doc.com. ... The system client2 is now configured as a non-root server for domain sales.doc.com. You can now populate the standard NIS+ tables by using the nispopulate or /usr/lib/nis/nisaddent commands.
The machine client2 is now the master server of the sales.doc.com. domain. The sales.doc.com. domain is a subdomain of the doc.com. domain. The machine client2 is simultaneously still a client of the root domain doc.com., and the master server of the sales.doc.com. domain.
You can now populate the standard NIS+ tables on the new master server of the sales.doc.com. domain.