HP-UX Reference (11i v2 03/08) - 1 User Commands N-Z (vol 2)
n
nis+(1) nis+(1)
NAME
nis+, NIS+, nis - a new version of the network information name service
DESCRIPTION
NIS+ is a new version of the network information name service. This version differs in several significant
ways from version 2, which is referred to as NIS or YP in earlier releases. Specific areas of enhancement
include the ability to scale to larger networks, security, and the administration of the service.
The man pages for NIS+ are broken up into three basic categories. Those in section 1 are the user com-
mands that are most often executed from a shell script or directly from the command line. Section 1M
man pages describe utility commands that can be used by the network administrator to administer the
service itself. The NIS+ programming API is described by man pages in section 3N.
All commands and functions that use NIS version 2 are prefixed by the letters
yp as in ypmatch(1),
ypcat(1), yp_match(3C), and yp_first(3C). Commands and functions that use the new replacement
software NIS+ are prefixed by the letters
nis as in nismatch (1), nischown(1), nis_list (3N), and
nis_add_entry(3N). A complete list of NIS+ commands is in the LIST OF COMMANDS section.
This man page introduces the NIS+ terminology. It also describes the NIS+ namespace, authentication,
and authorization policies.
NIS+ NAMESPACE
The naming model of NIS+ is based upon a tree structure. Each node in the tree corresponds to an NIS+
object. There are six types of NIS+ objects: directory , table , group, link, entry, and private .
NIS+ Directory Object
Each NIS+ namespace will have at least one NIS+ directory object. An NIS+ directory is like a UNIX file
system directory which contains other NIS+ objects including NIS+ directories. The NIS+ directory that
forms the root of the NIS+ namespace is called the root directory. There are two special NIS+ directories:
org_dir and groups_dir. The org_dir directory consists of all the system-wide administration
tables, such as passwd, hosts, and mail_aliases. The groups_dir directory consists of NIS+
group objects which are used for access control. The collection of org_dir, groups_dir and their
parent directory is referred to as an NIS+ domain. NIS+ directories can be arranged in a tree-like struc-
ture so that the NIS+ namespace can match the organizational or administrative hierarchy.
NIS+ Table Object
NIS+ tables (not files), contained within NIS+ directories, store the actual information about some partic-
ular type. For example, the
hosts system table stores information about the IP address of the hosts in
that domain. NIS+ tables are multicolumn and the tables can be searched through any of the searchable
columns. Each table object defines the schema for its table. The NIS+ tables consist of NIS+ entry
objects. For each entry in the NIS+ table, there is an NIS+ entry object. NIS+ entry objects conform to
the schema defined by the NIS+ table object.
NIS+ Group Object
NIS+ group objects are used for access control at group granularity. NIS+ group objects, contained within
the
groups_dir directory of a domain, contain a list of all the NIS+ principals within a certain NIS+
group. An NIS+ principal is a user or a machine making NIS+ requests.
NIS+ Link Object
NIS+ link objects are like UNIX symbolic file-system links—they are typically used for shortcuts in the
NIS+ namespace.
Refer to nis_objects (3N) for more information about the NIS+ objects.
NIS+ NAMES
The NIS+ service defines two forms of names, simple names and indexed names. Simple names are
used by the service to identify NIS+ objects contained within the NIS+ namespace. Indexed names are
used to identify NIS+ entries contained within NIS+ tables. Furthermore, entries within NIS+ tables are
returned to the caller as NIS+ objects of type entry. NIS+ objects are implemented as a union structure
which is described in the file
<rpcsvc/nis_object.h>. The differences between the various types
and the meanings of the components of these objects are described in nis_objects (3N).
HP-UX 11i Version 2: August 2003 − 1 − Hewlett-Packard Company Section 1−−587