Very Computer

Which should we use? What about security of NIS?  We used to have lots
of students ypcat us when we ran NIS years ago. Doesn't NIS+ provide

At my previous job, I was charged with putting up either NIS or NIS+,
and the boss's preference was NIS+ (probably for no other reason than
it seemed newer). You should've seen the wierd system problems that we
had with it, and that's just during testing, and all of the things we
had to get used to.

For example, make sure you keep "nistbladm -d" vs. "nistbladm -r"
straight in your head. Because one command will delete an entry in a
NIS+ table, and the other one will delete the whole table. And there is
no warning about you trying to delete a table, it just happily does it.

Administratively, NIS+ is one tough mudder to get used to. But once you
get used to it, you get to appreciate how quickly it it can do things.
Now that I've got the NIS+ experience, I would recommend going to NIS+
over NIS, but that's only because now I know all about NIS+. If I think
back upon it, and having to learn it from scratch, and finding all of
the undocumented "features" (used to be called bugs) in the system that
you have to get used to getting around, then no I wouldn't recommend it.

So as you can tell, I got mixed emotions about NIS+.

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

ykhan,

A point of clarification:

sol5.7 man
-----
...
     -d tablename   Destroy the table named tablename.  The table
                    that  is  being destroyed must be empty.  The
                    table's contents can be deleted with  the  -R
                    option below.
...
-----

There are many 'perils' involved with NIS+ but accidentally deleting an
entire table with data via nistbladm is not one of them.   nisaddent . .
.  now that is a whole other story <grin>

In closing, NIS+ over NIS any day!

Ron

--
+--------------------------------------------------------+
|   Ron Dilley          Sr. UNIX Network Administrator   |

+--------------------------------------------------------+

But, certainly at one point in history, one of the `product features' was
that -d tablename did in fact delete a non-empty table... I havn't tried
it recently , but I urge Ron to try deleting one of his non-empty tables
and let us know what the outcome was!

Pete,

Quote:> ykhan,

> A point of clarification:

> sol5.7 man
> -----
> ...
>      -d tablename   Destroy the table named tablename.  The table
>                     that  is  being destroyed must be empty.  The
>                     table's contents can be deleted with  the  -R
>                     option below.
> ...
> -----

> There are many 'perils' involved with NIS+ but accidentally deleting
an
> entire table with data via nistbladm is not one of them.
nisaddent . .
> .  now that is a whole other story <grin>

> In closing, NIS+ over NIS any day!

Well, it seems like Solaris 7 has improved that over Solaris 2.5.1,
which where I originally setup NIS+. Because it was possible to happily
delete the whole table, whether it was empty or not.

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

I set up NIS+ a several years ago at my old site - it didn't last long
before we ripped it out (lots of  problems!) and put in NIS.

Sure it provides features which are not possible in NIS, plus the security
factor but we didn't need or want those extra features and the security
issue is not such a big deal as long as you make sure your users do not
have crackable passwords.

NIS is nice and simple and tends to work quite well across platforms -
never tried NIS+ servers with other vendors running NIS clients (might be
good for a laugh...).

Adrian

Quote:> I set up NIS+ a several years ago at my old site - it didn't last long
> before we ripped it out (lots of  problems!) and put in NIS.

That I can certainly understand. I can recall when we first set it up
in the office where I used to work, we ran into so many problems during
the test phase, we were sure weren't going to implement it, but
miraculously, just before we began deploying it, it stabilized, so we
went ahead with the deployment. I think the one piece of advice I can
give people thinking of running NIS+ is that if you got a working
system, then don't mess with it, and let it run by itself.

     Yousuf Khan

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.