Manualshelf

Whitepaper on NIS Features on HPUX 11i v3

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software
123456
1. Executive Summary
This paper describes the new NIS features and their usage on HP- UX 11i v3.
2. Intended Audience
HP Customers currently using NIS or planning to use NIS, System Administrators, Response
Center Engineers who support NIS and HP field and consulting who advise customers on
solutions for their environments. It is assumed that the reader has functional knowledge of NIS
and its usage.
3. Introduction
Network Information Service (NIS) is a client server directory service protocol used to maintain a
centralized repository of system information such as hosts, users, passwords and other user
defined information. With the upcoming HPUX release, HPUX 11i v3, HP provides additional
features on NIS. The version of NIS available on HPUX 11i v3 is based on Solaris NIS version 1.2
with enhanced features including some ONC+ 2.3 features. This whitepaper describes the new
features and their usage.
4. Feature 1: DNS Forwarding Mode
DNS Forwarding mode can now be enabled through a new option -d to the NIS server daemon,
ypserv. When running in DNS forwarding mode, if the host/ipnode entry is not found in the NIS
host/ipnode database ypserv automatically forwards the host/ipnode queries to DNS. This
feature is useful in a configuration where certain host/ipnode entries are present in NIS
repository and a different set of entries are present in DNS repository. For example, if you have
the host information for host X in NIS and host Y in DNS. With a nsswitch configuration for hosts
such as hosts: nis (no DNS) in the file /etc/nsswitch.conf the information for host Y can be
retrieved. NIS would automatically fetch the information from DNS and this operation is
transparent to the user/application and can be achieved without any change to the switch
configuration (through /etc/nsswitch.conf configuration file).
5. Feature 2: Support for Shadow Password
The NIS password daemon rpc.yppasswdd now supports the HPUX Shadow Password mode. In
Shadow Password mode, the HPUX system maintains the user passwords in a different file by
name shadow and replaces the encrypted password in the passwd file with x. This enhances
the password security of the system. The system can be converted to shadow mode by using the
command pwconv and revert the system by using pwunconv. For more information, see
pwconv(1M) & pwunconv(1M). The NIS subsystem can now interpret the passwd and shadow
files when the system is in shadow mode i.e. the NIS subsystem can recognize a system in
shadow mode and build, store and retrieve the password information accordingly.
To enable this feature, a variable SHADOW_MODE has been introduced into the file
/etc/rc.config.d/namesvrs.
The SWFILE option has been introduced to the ypmake command to point to the shadow file.
The default value for SWFILE is /etc/shadow (see ypmake(1M)).
6. Feature 3: IPv6 Data Support
This feature allows IPv6 data to be retrieved by using NIS commands such as ypcat and
ypmatch.
On an HPUX system, the /etc/hosts file can contain IPv4 and IPv6 addresses for all the hosts. On
HPUX 11i v3, the NIS subsystem extracts the IPv6 information from the /etc/hosts file and builds