Previous Table of Contents Next


This part introduces the NIS+ naming service environment. Chapter 5 provides an overview of NIS+, explains how NIS+ differs from the Solaris 1.x NIS naming service, and introduces the NIS+ commands. Chapter 6 describes how to add a system as an NIS+ client in an existing NIS+ environment.

Refer to the chapters in this part if you want to familiarize yourself with the basics of the NIS+ naming service and its administrative commands and for instructions on how to set up an NIS+ client.

Introducing the NIS+ Environment

Comparison of NIS and NIS+
The NIS+ Namespace
NIS+ Security
The NIS+ Updating Model
NIS and NIS+ Compatibility
The Name Service Switch
NIS+ Administration

NIS+ is a network information service that is new with solaris 2.x. NIS+ is a repository of administrative information, the foundation for the Solaris 2.x AdminSuite applications, and a storage place for network resource information that users can access without knowing the specific location of the resource. NIS+ is a component of ONC+™. ONC+ consists of a set of new and enhanced core services for enterprise-wide distributed computing. ONC+ services—including NIS+, TI-RCP (transport-independent RPC), and enhanced NFS—are completely compatible and will interoperate with the installed base of ONC (open network computing) services, including NFS, NIS, and RPC services. NIS+, which replaces Solaris 1.x NIS, is compatible with it. When run in compatibility mode, NIS+ serves NIS requests as well as NIS+ requests. NIS+ is designed to manage resources for distributed systems, make it easier to administer in complex organizations, and provide more security than was possible with NIS.

The main function of NIS+ is to simplify system and network administration, including tasks such as adding and relocating systems and users. A second function is to act as directory assistance for the network by allowing users and applications to find other network entities easily. For example, when using NIS+, you can easily locate other users and resources in the corporate network, regardless of the actual physical location of the entity.

One important benefit of NIS+ is scalability: NIS+ simplifies the administration of both small and large networks. As organizations grow and decentralize, NIS+ continues to provide administrative efficiency. Another key enhancement in NIS+ is update performance. Changes made to the NIS+ information base are automatically and instantaneously propagated to replica servers across the network. You can implement tasks such as adding new systems and users much more rapidly than with NIS. NIS+ provides improved security over NIS. NIS+ lets you flexibly control access to network resources by preventing unauthorized sources from reading, changing, or destroying naming service information.

This chapter describes the differences between NIS and NIS+; how NIS+ information is organized, stored, and distributed; how NIS+ security mechanisms work; and how NIS+ information is updated. It also describes a new feature of Solaris 2.x system software (the name service switch file) and introduces the NIS+ commands. Chapter 6, “Setting Up NIS+ Clients,” describes how to set up an NIS+ client system on a network where NIS+ is already installed and configured. Describing NIS+ completely and providing installation and setup instructions for master and replica servers are beyond the scope of this book.

Comparison of NIS and NIS+

To help you understand the differences between NIS and NIS+, Table 5-1 compares the features of the two programs.

Table 5-1 Comparison of NIS and NIS+ Features

Capability NIS Features NIS+ Features
Namespace Flat. Hierarchical.
Database Centralized for each independent network domain. Partitioned into directories to support each network subset or autonomous domain.
Data storage Multiple bi-column maps with key-value pairs. Multicolumn tables with multiple searchable columns.
Replication Minimum of one replica server per IP subnetwork. Each replica server can serve clients on multiple IP subnets.
Update privileges Requires superuser privileges on the master server. Performed remotely by authorized administrators; no superuser privileges required.
Update propagation Initiated by administrator; whole maps transferred. Automatic and high-performance updating using only updated information.
Authorization Anyone can read all of the information stored in the NIS database. Access control to individual elements within the NIS + directories, tables, columns, and entries.
Resource access across domains Not supported. Permitted for authorized users.

Previous Table of Contents Next