HP-UX Reference (11i v2 03/08) - 1M System Administration Commands N-Z (vol 4)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

nisclient(1M) nisclient(1M)

NAME

nisclient - initialize NIS+ credentials for NIS+ principals

SYNOPSIS

/usr/lib/nis/nisclient -c

[ -x

][-o ][-v ][-l network_password ]

[

-d NIS+_domain ] client_name ...

/usr/lib/nis/nisclient -i

[ -x

][-v ] -h NIS+_server_host

[

-a NIS+_server_addr ][

-d NIS+_domain ][

-S 0|2 ]

/usr/lib/nis/nisclient -u

[ -x

][-v ]

/usr/lib/nis/nisclient -r

[ -x

]

DESCRIPTION

The

nisclient shell script can be used to:

• create NIS+ credentials for hosts and users

• initialize NIS+ hosts and users

• restore the network service environment

NIS+ credentials are used to provide authentication information of NIS+ clients to NIS+ service.

Use the ﬁrst synopsis (

-c ) to create individual NIS+ credentials for hosts or users. You must be logged

in as a NIS+ principal in the domain for which you are creating the new credentials. You must also have

write permission to the local "cred" table. The client_name argument accepts any valid host or user name

in the NIS+ domain (for example, the client_name must exist in the hosts or passwd table). nis-

client veriﬁes each client_name against both the hosts and passwd tables, then adds the proper

NIS+ credentials for hosts or users. Note that if you are creating NIS+ credentials outside of your local

domain, the host or user must exist in the hosts or passwd tables in both the local and remote

domains.

By default,

nisclient will not overwrite existing entries in the credential table for the hosts and users

speciﬁed. To overwrite, use the -o option. After the credentials have been created,

nisclient will

print the command that must be executed on the client machine to initialize the host or the user. The

-c

option requires a network password for the client which is used to encrypt the secret key for the client.

You can either specify it on the command line with the

-l option or the script will prompt you for it. You

can change this network password later with nispasswd(1) or chkey(1).

nisclient -c is not intended to be used to create NIS+ credentials for all users and hosts that are

deﬁned in the passwd and hosts tables. To deﬁne credentials for all users and hosts, use

nispopulate (1M).

Use the second synopsis (

-i ) to initialize a NIS+ client machine. -i

The option can be used to convert

machines to use NIS+ or to change the machine’s domainname. You must be logged in as super-user on

the machine that is to become a NIS+ client. Your administrator must have already created the NIS+

credential for this host by using

nisclient -c or nispopulate -C. You will need the network

password your administrator created. nisclient will prompt you for the network password to decrypt

your secret key and then for this machine’s root login password to generate a new set of secret/public

keys. If the NIS+ credential was created by your administrator using nisclient -c, then you can sim-

ply use the initialization command that was printed by the nisclient script to initialize this host

instead of typing it manually.

To initialize an unauthenticated NIS+ client machine, use the

-i option with the -S 0. With these

options, the

nisclient -i option will not ask for any passwords.

During the client initialization process, ﬁles that are being modiﬁed are backed up as ﬁles.no_nisplus.

The ﬁles that are usually modiﬁed during a client initialization are:

/etc/rc.config.d/namesvrs,

/etc/nsswitch.conf, /etc/hosts, and, if it exists, /var/nis/NIS_COLD_START. Note that a

ﬁle will not be saved if a backup ﬁle already exists.

The

-i option does not set up an NIS+ client to resolve hostnames using DNS. Please refer to the DNS

documentation for information on setting up DNS. (See resolver (4)).

Use the third synopsis (

-u ) to initialize a NIS+ user. You must be logged in as the user on a NIS+ client

machine in the domain where your NIS+ credentials have been created. Your administrator should have

already created the NIS+ credential for your username using nisclient -c or nispopulate (1M). You

will need the network password your administrator used to create the NIS+ credential for your username.

HP-UX 11i Version 2: August 2003 − 1 − Hewlett-Packard Company Section 1M−−545