Manualshelf

Network Information Service (NIS) B.11.31.04 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software
69707172737475767778
C Using NIS in Compat Mode
This appendix describes how to use the Compatibility Mode function. The Compat
Mode can be used to control the name services that are used to obtain user and group
information.
If you specify compat as a name service for the passwd: and group: entries in the
/etc/nsswitch.conf file, then NIS consults the local /etc/passwd or /etc/group
file. Any entries in the /etc/passwd or /etc/group file beginning with a plus (+)
or a minus (-) sign directs the lookup to the NIS server. The plus (+) and minus (-) signs
are called the NIS escape entries.
For more information on configuring the Name Service Switch, see the NFS Services
Administrator's Guide at:
http://www.docs.hp.com/en/netcom.html#NFS%20Services.
This appendix addresses the following topics:
“Using Netgroups in the /etc/passwd File” (page 73)
“Editing the Slave Server's passwd File in Compat Mode” (page 74)
“Editing the group File for Compat Mode” (page 75)
“Logging in Issue with NIS in Compat Mode” (page 75)
Using Netgroups in the /etc/passwd File
The /etc/netgroup file can be used to prevent lookups of certain users in the NIS
passwd database. The /etc/netgroup file defines network-wide groups, and is used
for checking permissions when executing remote mounts, remote login, and remote
shells.
When compat is specified as a name service in the /etc/nsswitch.conf file for the
/etc/passwd file, netgroups can be used in the /etc/passwd file to indicate whether
user information must be searched in the NIS passwd database.
The following example line from the /etc/passwd file indicates that users in the
netgroup animals must be searched in the NIS passwd database:
+@animals
The animals netgroup is defined in the /etc/netgroup file:
animals (-,mickey, ), (-,daffy, ), (-,porky, ), (-,bugs, )
The /etc/passwd file is searched sequentially. Therefore, if user mickey, daffy,
porky, or bugs appears before the animals netgroup in the /etc/passwd file, the
NIS database will not be consulted for information on that user. The netgroup lookups
are done based on the configuration in the /etc/nsswitch.conf file.
The following example lines from the /etc/passwd file indicate that if the NIS passwd
database contains entries for users in the bears and marketing netgroup, these users
will be denied access on the local system. If the machine is an NIS client and the user
is a pure NIS user, then this entry blocks the pure NIS user from logging in to this
system. Any other users can be searched in the NIS database.
Using Netgroups in the /etc/passwd File 73