Unix‎ > ‎Solaris‎ > ‎Solaris man pages‎ > ‎1m‎ > ‎

nisd


NAME
     rpc.nisd, nisd - NIS+ service daemon

SYNOPSIS
     /usr/sbin/rpc.nisd [-ACDFhlv] [-Y [-B [-t netid]]]
         [-d dictionary] [-L load] [-S level] [-m mappingfile]
         [-x attribute=value]... [-z number]


DESCRIPTION
     The rpc.nisd daemon is an RPC service  that  implements  the
     NIS+  service.  This  daemon must be running on all machines
     that serve a portion of the NIS+ namespace.


     rpc.nisd is usually started from a system startup script.


     The -B option causes rpc.nisd to start an auxiliary process,
     rpc.nisd_resolv,  which  provides ypserv compatible DNS for-
     warding for NIS host requests. rpc.nisd_resolv can  also  be
     started  independently.  See  rpc.nisd_resolv(1M)  for  more
     information on using rpc.nisd_resolv independently.


     The  /etc/default/rpc.nisd  file  contains   the   following
     default parameter settings. See FILES.

     ENABLE_NIS_YP_EMULATION    Specifies whether the  server  is
                                put  into  NIS (YP) compatibility
                                mode. ENABLE_NIS_YP_EMULATION=YES
                                is  equivalent to the -Y command-
                                line option.  The  default  value
                                for   ENABLE_NIS_YP_EMULATION  is
                                NO.


OPTIONS
     -A                    Authentication verbose mode. The  dae-
                           mon   logs   all   the  authentication
                           related activities to syslogd(1M) with
                           LOG_INFO priority.


     -B                    Provide ypserv compatible DNS forward-
                           ing  for  NIS  host  requests. The DNS
                           resolving process, rpc.nisd_resolv, is
                           started  and  controlled  by rpc.nisd.
                           This   option   requires   that    the
                           /etc/resolv.conf  file  be  setup  for
                           communication with a  DNS  nameserver.
                           The  nslookup  utility  can be used to
                           verify  communication   with   a   DNS
                           nameserver.   See  resolv.conf(4)  and
                           nslookup(1M).


     -C                    Open     diagnostic     channel     on
                           /dev/console.


     -D                    Debug mode. Do not fork.


     -d dictionary         Specify an  alternate  dictionary  for
                           the  NIS+ database. The primary use of
                           this option is for testing. Note  that
                           the  string is not interpreted, rather
                           it   is   simply   passed    to    the
                           db_initialize function.>


     -F                    Force the server to do a checkpoint of
                           the database when it starts up. Forced
                           checkpoints may be required  when  the
                           server  is  low  on  disk  space. This
                           option removes updates from the  tran-
                           saction  log  that  have propagated to
                           all of the replicas.


     -h                    Print list of options.


     -L number             Specify the ``load'' the NIS+  service
                           is allowed to place on the server. The
                           load is  specified  in  terms  of  the
                           number  of  child  processes  that the
                           server may spawn. The value of  number
                           must  be  at  least 1 for the callback
                           functions  to  work   correctly.   The
                           default is 128.


     -m mappingfile        Specify the name  of  a  configuration
                           file  that  maps  NIS+  objects (espe-
                           cially tables  and  columns)  to  LDAP
                           (entries    and    attributes).    See
                           NIS+LDAPmapping(4). The  default  path
                           is  /var/nis. The default mapping file
                           is  NIS+LDAPmapping.  If   this   file
                           exists,  the  rpc.nisd daemon will map
                           data to and  from  LDAP.   A  template
                           mapping  file  that  covers the normal
                           NIS+   directories   and   tables   is
                           installed                           as
                           /var/nis/NIS+LDAPmapping.template.

                           A NIS+ object must have a  valid  map-
                           ping  entry  in  the  mapping  file in
                           order to have data for that table read
                           from  or  written  to the LDAP reposi-
                           tory.

                           The rpc.nisd(4) file contains specifi-
                           cations  for  LDAP  server  addresses,
                           LDAP authentication  method,  and  the
                           like.  See  NIS+LDAPmapping(4)  for an
                           overview of the setup you need to  map
                           NIS+ data to or from LDAP.


     -S level              Set the authorization  security  level
                           of  the  service.  The  argument  is a
                           number between 0 and  2.  By  default,
                           the daemon runs at security level 2.

                           0    Security level 0 is  designed  to
                                be  used  for testing and initial
                                setup of the NIS+ namespace. When
                                running  at  level  0, the daemon
                                does not enforce any access  con-
                                trols.  Any  client is allowed to
                                perform any operation,  including
                                updates and deletions.


                           1    At security level 1,  the  daemon
                                accepts    both    AUTH_SYS   and
                                AUTH_DES credentials for  authen-
                                ticating  clients and authorizing
                                them to perform NIS+  operations.
                                This  is  not  a  secure  mode of
                                operation since AUTH_SYS  creden-
                                tials   are  easily  forged.   It
                                should not be used on networks in
                                which  any  untrusted  users  may
                                potentially have access.


                           2    At security level 2,  the  daemon
                                only accepts authentication using
                                the security  mechanisms  config-
                                ured   by  nisauthconf(1M).   The
                                default  security  mechanism   is
                                AUTH_DES. Security level 2 is the
                                default if the -S option  is  not
                                used.



     -t netid              Use netid as the transport for commun-
                           ication     between    rpc.nisd    and
                           rpc.nisd_resolv. The default transport
                           is  ticots(7D) ( tcp on SunOS 4.x sys-
                           tems).


     -v                    Verbose. With this option, the  daemon
                           sends  a  running narration of what it
                           is doing to  the  syslog  daemon  (see
                           syslogd(1M))   at  LOG_INFO  priority.
                           This option is most useful for  debug-
                           ging  problems  with  the service. See
                           also -A option.


     -x attribute=value    Specify the value of the named  attri-
                           bute. Attributes that control the NIS+
                           to LDAP mapping operation are  derived
                           as follows:

                               1.   Retrieve from LDAP.

                               2.   Override with values from the
                                    mappingfile,  if any. See the
                                    -m option.

                               3.   Override with values from the
                                    command line -x options.
                           See NIS+LDAPmapping(4) and rpc.nisd(4)
                           for   the  recognized  attributes  and
                           their syntax.

                           As a special case,  you  can  use  the
                           nisplusLdapConfig*    attributes    to
                           derive  additional  information   from
                           LDAP.   You   can   only  specify  the
                           nisplusLdapConfig*    attributes    in
                           rpc.nisd(4) or by means of the command
                           line.


     -Y                    Put the server into NIS (YP)  compati-
                           bility  mode.  When  operating in this
                           mode, the NIS+ server will respond  to
                           NIS  Version 2 requests using the ver-
                           sion  2  protocol.  Because   the   YP
                           protocol  is  not  authenticated, only
                           those items that have read  access  to
                           nobody  (the  unauthenticated request)
                           will be visible through the V2  proto-
                           col.  It  supports  only  the standard
                           Version 2 maps in this  mode  (see  -B
                           option  and  NOTES in ypfiles(4)). See
                           FILES.


     -z number             Specify the maximum  RPC  record  size
                           that   can  be  used  over  connection
                           oriented transports.  The  default  is
                           9000 bytes. If you specify a size less
                           than the default  value,  the  default
                           value will be used instead.


EXAMPLES
     Example 1 Setting up the NIS+ Service


     The following example sets up the NIS+ service.


       example% rpc.nisd



     Example 2 Setting Up NIS+ Service Emulating YP With DNS For-
     warding


     The following example sets up the NIS+ service, emulating YP
     with DNS forwarding.


       example% rpc.nisd -YB



     Example 3 Specifying NIS+ and LDAP Mapping Information


     The following example shows how to specify  that  all  addi-
     tional NIS+ and LDAP mapping information should be retrieved
     from DN "dc=x,dc=y,dc=z", from the LDAP server at IP address
     1.2.3.4,  port 389. The examples uses the simple authentica-
     tion method and the cn=nisplusAdmin,ou=People,  proxy  user.
     The -m option is omitted for clarity in this example..


       -x nisplusLDAPconfigDN=dc=x,dc=y,dc=z \
       -x nisplusLDAPconfigPreferredServerList=127.0.0.1:389 \
       -x nisplusLDAPconfigAuthenticationMethod=simple \
       -x nisplusLDAPconfigProxyUser=cn=nisplusAdmin,ou=People, \
       -x nisplusLDAPconfigProxyPassword=xyzzy



ENVIRONMENT VARIABLES
     NETPATH    The transports that the NIS+ service will use can
                be  limited by setting this environment variable.
                See netconfig(4).


FILES
     /var/nis/data/parent.object

         This file describes  the  namespace  that  is  logically
         above the NIS+ namespace. The most common type of parent
         object is a DNS object.  This  object  contains  contact
         information for a server of that domain.


     /var/nis/data/root.object

         This  file  describes  the  root  object  of  the   NIS+
         namespace.  It  is a standard XDR-encoded NIS+ directory
         object that can be modified by authorized clients  using
         the nis_modify(3NSL) interface.


     /etc/default/rpc.nisd

         LDAP connection and general rpc.nisd configuration.  You
         can  override  some  of  the  settings  by  command-line
         options.


     /var/nis/NIS+LDAPmapping

         Default path for LDAP mapping file. See  the  discussion
         of the -m option.


ATTRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:





     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWnisu                    |
    |_____________________________|_____________________________|


SEE ALSO
     svcs(1),  nis_cachemgr(1M),  nisauthconf(1M),   nisinit(1M),
     nissetup(1M),        nisldapmaptest(1M),       nslookup(1M),
     rpc.nisd_resolv(1M),     rpc.nispasswdd(1M),     svcadm(1M),
     syslogd(1M),  nis_modify(3NSL),  NIS+LDAPmapping(4), netcon-
     fig(4),    nisfiles(4),     resolv.conf(4),     rpc.nisd(4),
     ypfiles(4), attributes(5), smf(5), ticots(7D)

NOTES
     NIS+ might not  be  supported  in  future  releases  of  the
     Solaris  Operating  system.  Tools to aid the migration from
     NIS+ to LDAP are available in the current  Solaris  release.
     For            more            information,            visit
     http://www.sun.com/directory/nisplus/transition.html.


     The rpc.nisd service is managed by  the  service  management
     facility, smf(5), under the service identifier:

       svc:/network/rpc/nisplus:default




     Administrative actions on this service,  such  as  enabling,
     disabling,  or  requesting  restart,  can be performed using
     svcadm(1M). The service's status can be  queried  using  the
     svcs(1) command.










Man pages from Solaris 10 Update 8. See docs.sun.com and www.oracle.com for further documentation and Solaris information.
Comments