NIS domain and DNS domain

NIS domain and DNS domain

Post by Jamie Thingelst » Sat, 25 Jan 1997 04:00:00

I want to make sure I'm correct on this... the NIS domain of a Solaris
machine is completely independent of its domain name(s) it is known by
in the DNS system, right?

I.e., if machine is named it doesn't have to be in NIS
domain right?

Jamie Thingelstad, CTO          (Fax) 612.832.5926 (Voice) 612.832.9445x24
Concerto Technologies      7600 France Ave South, St. 106, Edina, MN 55435


1. More on NIS+ domain != DNS domain & Secure NFS

  Setting up a test domain where the NIS+ domain is not the DNS domain,
(it appears as far as principles go, always use the NIS+ domain).

  Thus for the network comprising: (master)

  NIS+ domain == ""; I have the credentials  (`niscat cred`) :


  and one user:

to represent:

  eric:fq...sig:11476:100:Eric Berggren:/u/eric:/bin/csh:10176:-1:-1:-1:-1::0

  Which seems to work (except the occasional NIS+ fatal error: 19  brought
up in a previous article).

  Now trying to work with secure NFS.

  On :

share   -F nfs  -o sec=dh       /disk/cache/sekrat

  attempting to mount on

        # mount -o secure /mnt
        fsaddtomtab: stat /mnt: Invalid argument

unix: NOTICE: authdes_refresh: unable to encrypt conversation key for user (uid 0), rpc status 16

  in addition to :

unix: NOTICE: authdes_refresh: unable to encrypt conversation key for user (uid 11476), rpc status 16

(when going through automount) to syslog.

  running snoop on an adjacent host shows a number of NIS+ references : -> NIS+ C FindDir "com." -> NIS+ R FindDir [Not Found, no such name]

which are the only NIS+ calls made (among normal looking NFS calls,
with Auth=des)

  Manuals/FAQs state that merely setting the "secure" (or "sec=dh") option
on both endds is all that is needed under NIS+ as all the necessary
credentials exist.

  Relavent entries in nsswitch.conf contain:

        passwd:     files nisplus
        hosts:      dns files
        publickey:  nisplus

on all hosts (hosts map is _empty_).

  So what am i overlooking here ?


  Eric Berggren             | "Parts of this product may be derived from
  Portland State University |  from UNIX and Berkeley 4.3 BSD systems..."

2. IPX RIP/SAP routing between ppp and eth

3. NIS domain names and DNS domain names not matching.

4. Solaris 8 and ipseckey

5. Must NIS+ domain = DNS domain ??

6. How to merge two columns of numbers from two different files?

7. NIS+ domain VS. DNS domain

8. Yellow Dog Linux

9. NIS+ Sub-Domain client: should it be a member of the master domain AND sub-domain?

10. How to have 2 component NIS+ domain emulate one component NIS domain?

11. NIS using a different domain than the default domain

12. NIS domain like windows domain?

13. ???How An NIS+ Domain Gets Principal Information In Other Domains???