NIS and NIS+ cheat sheet

This quick reference guide is for administrating NIS and NIS+. Information is presented in a task oriented manner. Commands are summarized in the table below which is followed by explanatory notes. Each task is followed by the command or commands necessary when using local files (e.g. /etc/hosts), NIS and NIS+.

Commands

The tables below provide a list of administrative commands used for local file administration and for both NIS and NIS+. Other relevant commands and references can be found at the end of this quick reference guide.

NIS commands

CommandDescription
ypcat Display the contents of a NIS table
ypmatch Find an entry in a NIS table
yppush Copy a NIS map to slave servers
ypwhich Find the name of a NIS server

NIS+ commands

CommandDescription
nisaddcred Add or delete NIS+ credentials
niscat Display the contents of a NIS+ table
nismatch Find an entry in a NIS+ table
nisping Update replicas
nistbladm Administer NIS+ table
nisls List contents of NIS+ directory

User Management

TaskFilesNISNIS+
List users cat /etc/passwd ypcat passwd.byname niscat passwd.org_dir.$DIRECTORY
List UIDs cat /etc/passwd | cut -f3 -d: | sort -n ypcat passwd.byname | cut -f3 -d: | sort -n niscat passwd.org_dir.$DIRECTORY | \
cut -f3 -d: | sort -n
Find user grep $USERID /etc/passwd ypmatch $USERID passwd.byname nismatch $USERID passwd.org_dir.$DIRECTORY
Add user useradd
  1. add user details to $NIS_SOURCE/passwd $NIS_SOURCE/shadow
  2. /usr/ccs/bin/make /var/yp/Makefile
  1. nistbladm -a name=$USERID passwd=$ENCRYPTED uid=$UID gid=$GID gcos='$DESCRIPTION' home=$PATH2HOME/$USERID shell=$SHELL shadow=:::::: passwd.org_dir.$DIRECTORY
  2. nisclient -c -o $USERID
Change user usermod
  1. edit user details in $NIS_SOURCE/passwd
  2. /usr/ccs/bin/make /var/yp/Makefile
nistbladm -e column=value '[name=$USERID], passwd.org_dir.$DIRECTORY'

e.g.

nistbladm -e home=/somewhere/mynewhome '[name=smurf], passwd.org_dir.mydomain.local'
Delete user userdel
  1. delete user details from $NIS_SOURCE/passwd
  2. /usr/ccs/bin/make /var/yp/Makefile
  1. nisaddcred -r $USERID.$DIRECTORY $DIRECTORY
  2. nistbladm -r '[name=$USERID],passwd.org_dir.$DIRECTORY

e.g.

nisaddcred -r smurf.mydomain.local mydomain.local
nistbladm -r '[name=smurf],passwd.org_dir.mydomain.local' note there is no gap between],passwd
Disable user account passwd -r files -l passwd -r nis -l
Change user's password passwd -r files $USERID passwd -r nis $USERID
  1. passwd -r nisplus $USERID
  2. nisclient -c -o $USERID
Set user defaults useradd -D N/A N/A

Group Management

TaskFilesNISNIS+
List groups cat /etc/group ypcat group.byname niscat group.org_dir.$DIRECTORY
List GIDs cat /etc/group | cut -f3 -d: | sort -n ypcat group.byname | cut -f3 -d: | sort -n niscat group.org_dir.$DIRECTORY | cut -f3 -d: | sort -n
Add group groupadd
  1. add group details to $NIS_SOURCE/group
  2. /usr/ccs/bin/make /var/yp/Makefile
nistbladm
Delete group groupdel
  1. remove group details from $NIS_SOURCE/group
  2. /usr/ccs/bin/make /var/yp/Makefile
nistbladm
Add user to group usermod -G list-of-secondary- groups
  1. add user to member list for group in $NIS_SOURCE/group
  2. /usr/ccs/bin/make /var/yp/Makefile
nistbladm -e

Netgroup Management

TaskFilesNISNIS+
Add user to netgroup N/A
  1. Add user details in netgroup
  2. /usr/ccs/bin/make /var/yp/Makefile
nistbladm –a name=’$NETGROUP’ user=’$USERID’ group=’ host=’ domain=’ comment=’ netgroup.org_dir.$DIRECTORY

or

nistbladm –a name=$NETGROUP user=$USERID netgroup.org_dir.$DIRECTORY

Add a host to a netgroup N/A
  1. Add host details in netgroup
  2. /usr/ccs/bin/make /var/yp/Makefile
nistbladm –a name=’$NETGROUP’ user=’ group=’ host=’ domain=’ comment=’ netgroup.org_dir.$DIRECTORY

or

nistbladm –a name=$NETGROUP host=$HOST netgroup.org_dir.$DIRECTORY

Host Management

TaskFilesNISNIS+
List hosts cat /etc/hosts ypcat hosts.byname niscat hosts.org_dir.$DIRECTORY
Find host grep $HOST /etc/hosts ypmatch $HOST hosts.byname nismatch $HOST hosts.org_dir.$DIRECTORY
Add host Edit /etc/hosts
  1. Add host details in $NIS_SOURCE/hosts
  2. /usr/ccs/bin/make /var/yp/Makefile
  1. nisbtladm –a cname=’$CNAME’ name=’$HOST’ addr=’$IPADDR’ hosts.org_dir.$DIRECTORY
  2. nisclient –c –l $HOSTPASSWORD $HOST
Edit host Edit /etc/hosts
  1. edit host details in $NIS_SOURCE/hosts
  2. /usr/ccs/bin/make /var/yp/Makefile
nistbladm -e column=value '[name=$HOST],hosts.org_dir.$DIRECTORY'

e.g.

nistbladm -e alias=anothername '[name=myhost],hosts.org_dir.mydomain.local'

Remove host remove entry from /etc/hosts
  1. remove entry from $NIS_SOURCE/hosts
  2. /usr/ccs/bin/make /var/yp/Makefile
nistbladm –r name=’$HOST’ hosts.org_dir.$DIRECTORY

Domain/Directory Management

TaskFilesNISNIS+
Print domain N/A domainname domainname
Set domain N/A domainname $DIRECTORY domainname $DIRECTORY
List master server N/A ypwhich -m niscat -o $DIRECTORY
List directory servers N/A ypcat -k ypservers niscat -o $DIRECTORY
Update slave servers / replicas N/A yppush nisping org_dir.$DIRECTORY

nisping groups_dir.$DIRECTORY

List maps/ tables N/A ypwhich -m nisls org_dir.$DIRECTORY

Table Legend

The following varibles have been used in the above tables:

VaritableMeaning
$DIRECTORY Your directory, e.g acme.local
$USERID User id / user name, e.g. jdoe
$NIS_SOURCE Directory containing NIS source files e.g /etc
$ENCRYPTED Encrypted password
$UID User's uid
$GID User's gid (primary group id)
$DESCRIPTION Description for account, typically a user's name, e.g. John Doe
$PATH2HOME Directory path to a user's home directory
$SHELL User's shell
$HOST Unqualified host name
$CNAME Alias
$HOSTPASSWORD Network password for host

Other commands

Some other commands relevant to directories that are not specific to a particular directory service:

In Solaris 10, pwck and grpck can be used to check the passwd and group files; the commands can take a parameter which is the name of the file to check which is useful if the source files for NIS are located in a directory other than /etc.

getent is a Solaris command for finding entries from a number of possible directory sources and / or files.

The command domainname in Solaris 10 will display (or set) the domain name for the directory service in use (NIS, NIS+ or DNS).

Additional notes

NIS

It is often recommended that the files in the /etc directory should not be used as the source files for a NIS system. The recommendation is to take copies of these files and store edited versions in an appropriate file system directory (e.g. /export/yp/etc). Unfortunately there is no standard directory for this purpose.

NIS+

Changing a user's password

As an administrator, when changing a user's password for them, it is also necessary to update the cred.org_dir table. This is most easily done using nisclient -c -o

Further information

Sun document: System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) http://docs.sun.com/app/docs/doc/816-4556

Sun document: System Administration Guide: Naming and Directory Services (NIS+) http://docs.sun.com/app/docs/doc/816-4558