Network Information Service (NIS) B.11.31.02 Administrator's Guide
C Using NIS in Compat Mode
This section describes how to use Compat Mode, also called the Compatibility Mode, for
controlling the name services used to obtain user and group information.
If you specify compat as a name service in the /etc/nsswitch.conf file for the passwd: and
group: entries, then NIS consults the local /etc/passwd or /etc/group file. Any lines in the
/etc/passwd or /etc/group file beginning with a plus (+) or a minus (-) sign directs the
lookups to NIS. This usage of compat mode and the plus (+) and minus(-) sign gives the same
name service behavior as was provided by default in the HP-UX releases previous to the HP–UX
10.30 release.
For more information on configuring the Name Service Switch, see NFS Services Administrator's
Guide.
Using Netgroups in the /etc/passwd File
In the /etc/passwd file, netgroups can be used to indicate whether user information should
be looked up in the NIS passwd database.
The following example line from the /etc/passwd file indicates that users in the netgroup
animals should be looked up in the NIS passwd database:
+@animals
The animals netgroup is defined as follows in the /etc/netgroup file:
animals (-,mickey, ), (-,daffy, ), (-,porky, ), (-,bugs, )
Note that the /etc/passwd file is searched sequentially, so if user mickey, daffy, porky,
or bugs appears before the animals netgroup in the /etc/passwd file, the NIS database will
never be consulted for information on that user.
The Name Service Switch configuration is used to determine where to look for the contents of a
netgroup.
Netgroups can also be used to prevent lookups of certain users in the NIS passwd database. The
following example lines from the /etc/passwd file indicate that if the NIS passwd database
contains entries for users in the bears and marketing netgroup, these entries cannot be used
on the local system. Any other users can be looked up in the NIS database.
-@bears::::::
+@documentation::::::
-@marketing::::::
These lines result in searching the NIS database for users from the documentation netgroup.
Access is denied for users from the bears and marketing netgroup.
For information on the /etc/passwd file, type man 4 passwd at the HP-UX prompt.
Editing the Slave Server’s passwd File
• HP recommends you to remove all users from the /etc/passwd file except the root user
and the system entries required for your system to boot. By convention, system entries
usually have user IDs less than 100, so all entries with user IDs of 100 or greater can be
evaluated for removal.
• The Name Service Switch configuration file provided for NIS (/etc/nsswitch.nis) causes
your host to check its local /etc/passwd file and then continue to the NIS passwd map if
the requested information is not in the local file. However, in previous releases, you had to
add a plus sign (+) to the /etc/passwd file to cause your host to check the NIS passwd
database.
If you want your host to behave as it did before HP-UX release 10.30, add the following
entry as the last line in the /etc/passwd file:
+:::::
Using Netgroups in the /etc/passwd File 55