1rpc.nisd(1M)            System Administration Commands            rpc.nisd(1M)
2
3
4

NAME

6       rpc.nisd, nisd - NIS+ service daemon
7

SYNOPSIS

9       /usr/sbin/rpc.nisd [-ACDFhlv] [-Y [-B [-t netid]]]
10            [-d dictionary] [-L load] [-S level] [-m mappingfile]
11            [-x attribute=value]... [-z number]
12
13

DESCRIPTION

15       The rpc.nisd daemon is an RPC service that implements the NIS+ service.
16       This daemon must be running on all machines that serve a portion of the
17       NIS+ namespace.
18
19
20       rpc.nisd is usually started from a system startup script.
21
22
23       The   -B   option  causes  rpc.nisd  to  start  an  auxiliary  process,
24       rpc.nisd_resolv, which provides ypserv compatible  DNS  forwarding  for
25       NIS  host  requests. rpc.nisd_resolv can also be started independently.
26       See rpc.nisd_resolv(1M) for more information on  using  rpc.nisd_resolv
27       independently.
28
29
30       The /etc/default/rpc.nisd file contains the following default parameter
31       settings. See FILES.
32
33       ENABLE_NIS_YP_EMULATION    Specifies whether the server is put into NIS
34                                  (YP)  compatibility mode. ENABLE_NIS_YP_EMU‐
35                                  LATION=YES is equivalent to the -Y  command-
36                                  line   option.   The   default   value   for
37                                  ENABLE_NIS_YP_EMULATION is NO.
38
39

OPTIONS

41       -A                    Authentication verbose mode. The daemon logs  all
42                             the  authentication  related  activities  to sys‐
43                             logd(1M) with LOG_INFO priority.
44
45
46       -B                    Provide ypserv compatible DNS forwarding for  NIS
47                             host   requests.   The   DNS  resolving  process,
48                             rpc.nisd_resolv, is  started  and  controlled  by
49                             rpc.nisd.   This   option   requires   that   the
50                             /etc/resolv.conf file be setup for  communication
51                             with  a  DNS nameserver. The nslookup utility can
52                             be used to verify communication with a DNS  name‐
53                             server. See resolv.conf(4) and nslookup(1M).
54
55
56       -C                    Open diagnostic channel on /dev/console.
57
58
59       -D                    Debug mode. Do not fork.
60
61
62       -d dictionary         Specify  an  alternate  dictionary  for  the NIS+
63                             database. The primary use of this option  is  for
64                             testing. Note that the string is not interpreted,
65                             rather it is simply passed to  the  db_initialize
66                             function.>
67
68
69       -F                    Force  the server to do a checkpoint of the data‐
70                             base when it starts up. Forced checkpoints may be
71                             required  when  the  server is low on disk space.
72                             This option removes updates from the  transaction
73                             log that have propagated to all of the replicas.
74
75
76       -h                    Print list of options.
77
78
79       -L number             Specify  the ``load'' the NIS+ service is allowed
80                             to place on the server. The load is specified  in
81                             terms  of  the number of child processes that the
82                             server may spawn. The value of number must be  at
83                             least  1  for the callback functions to work cor‐
84                             rectly. The default is 128.
85
86
87       -m mappingfile        Specify the name of  a  configuration  file  that
88                             maps NIS+ objects (especially tables and columns)
89                             to   LDAP   (entries   and    attributes).    See
90                             NIS+LDAPmapping(4). The default path is /var/nis.
91                             The default mapping file is  NIS+LDAPmapping.  If
92                             this  file  exists,  the rpc.nisd daemon will map
93                             data to and from LDAP. A  template  mapping  file
94                             that  covers  the  normal  NIS+  directories  and
95                             tables  is  installed  as   /var/nis/NIS+LDAPmap‐
96                             ping.template.
97
98                             A  NIS+ object must have a valid mapping entry in
99                             the mapping file in order to have data  for  that
100                             table  read  from  or written to the LDAP reposi‐
101                             tory.
102
103                             The rpc.nisd(4) file contains specifications  for
104                             LDAP   server   addresses,   LDAP  authentication
105                             method, and the like. See NIS+LDAPmapping(4)  for
106                             an  overview  of  the  setup you need to map NIS+
107                             data to or from LDAP.
108
109
110       -S level              Set the authorization security level of the  ser‐
111                             vice.  The  argument is a number between 0 and 2.
112                             By default, the daemon runs at security level 2.
113
114                             0    Security level 0 is designed to be used  for
115                                  testing and initial setup of the NIS+ names‐
116                                  pace. When running at level  0,  the  daemon
117                                  does  not  enforce  any access controls. Any
118                                  client is allowed to perform any  operation,
119                                  including updates and deletions.
120
121
122                             1    At security level 1, the daemon accepts both
123                                  AUTH_SYS  and   AUTH_DES   credentials   for
124                                  authenticating  clients and authorizing them
125                                  to perform NIS+ operations. This  is  not  a
126                                  secure mode of operation since AUTH_SYS cre‐
127                                  dentials are easily forged.  It  should  not
128                                  be  used  on networks in which any untrusted
129                                  users may potentially have access.
130
131
132                             2    At security level 2, the daemon only accepts
133                                  authentication using the security mechanisms
134                                  configured by nisauthconf(1M).  The  default
135                                  security  mechanism  is  AUTH_DES.  Security
136                                  level 2 is the default if the -S  option  is
137                                  not used.
138
139
140
141       -t netid              Use  netid  as  the  transport  for communication
142                             between rpc.nisd and rpc.nisd_resolv. The default
143                             transport  is  ticots(7D) ( tcp on SunOS 4.x sys‐
144                             tems).
145
146
147       -v                    Verbose. With this option,  the  daemon  sends  a
148                             running narration of what it is doing to the sys‐
149                             log daemon (see syslogd(1M)) at  LOG_INFO  prior‐
150                             ity.  This  option  is  most useful for debugging
151                             problems with the service. See also -A option.
152
153
154       -x attribute=value    Specify  the  value  of  the   named   attribute.
155                             Attributes  that control the NIS+ to LDAP mapping
156                             operation are derived as follows:
157
158                                 1.     Retrieve from LDAP.
159
160                                 2.     Override with values from the mapping‐
161                                        file, if any. See the -m option.
162
163                                 3.     Override  with values from the command
164                                        line -x options.
165                             See NIS+LDAPmapping(4) and  rpc.nisd(4)  for  the
166                             recognized attributes and their syntax.
167
168                             As  a  special case, you can use the nisplusLdap‐
169                             Config* attributes to derive additional  informa‐
170                             tion  from  LDAP.  You  can only specify the nis‐
171                             plusLdapConfig* attributes in rpc.nisd(4)  or  by
172                             means of the command line.
173
174
175       -Y                    Put  the server into NIS (YP) compatibility mode.
176                             When operating in this mode, the NIS+ server will
177                             respond  to NIS Version 2 requests using the ver‐
178                             sion 2 protocol. Because the YP protocol  is  not
179                             authenticated,  only  those  items that have read
180                             access to nobody  (the  unauthenticated  request)
181                             will  be visible through the V2 protocol. It sup‐
182                             ports only the standard Version 2  maps  in  this
183                             mode (see -B option and NOTES in ypfiles(4)). See
184                             FILES.
185
186
187       -z number             Specify the maximum RPC record size that  can  be
188                             used  over  connection  oriented  transports. The
189                             default is 9000 bytes. If you specify a size less
190                             than the default value, the default value will be
191                             used instead.
192
193

EXAMPLES

195       Example 1 Setting up the NIS+ Service
196
197
198       The following example sets up the NIS+ service.
199
200
201         example% rpc.nisd
202
203
204
205       Example 2 Setting Up NIS+ Service Emulating YP With DNS Forwarding
206
207
208       The following example sets up the NIS+ service, emulating YP  with  DNS
209       forwarding.
210
211
212         example% rpc.nisd -YB
213
214
215
216       Example 3 Specifying NIS+ and LDAP Mapping Information
217
218
219       The following example shows how to specify that all additional NIS+ and
220       LDAP mapping information should be retrieved from DN  "dc=x,dc=y,dc=z",
221       from the LDAP server at IP address 1.2.3.4, port 389. The examples uses
222       the simple authentication  method  and  the  cn=nisplusAdmin,ou=People,
223       proxy user. The -m option is omitted for clarity in this example..
224
225
226         -x nisplusLDAPconfigDN=dc=x,dc=y,dc=z \
227         -x nisplusLDAPconfigPreferredServerList=127.0.0.1:389 \
228         -x nisplusLDAPconfigAuthenticationMethod=simple \
229         -x nisplusLDAPconfigProxyUser=cn=nisplusAdmin,ou=People, \
230         -x nisplusLDAPconfigProxyPassword=xyzzy
231
232
233

ENVIRONMENT VARIABLES

235       NETPATH    The transports that the NIS+ service will use can be limited
236                  by setting this environment variable. See netconfig(4).
237
238

FILES

240       /var/nis/data/parent.object
241
242           This file describes the namespace that is logically above the  NIS+
243           namespace.  The  most common type of parent object is a DNS object.
244           This object contains contact  information  for  a  server  of  that
245           domain.
246
247
248       /var/nis/data/root.object
249
250           This  file describes the root object of the NIS+ namespace. It is a
251           standard XDR-encoded NIS+ directory object that can be modified  by
252           authorized clients using the nis_modify(3NSL) interface.
253
254
255       /etc/default/rpc.nisd
256
257           LDAP  connection  and general rpc.nisd configuration. You can over‐
258           ride some of the settings by command-line options.
259
260
261       /var/nis/NIS+LDAPmapping
262
263           Default path for LDAP mapping file. See the discussion  of  the  -m
264           option.
265
266

ATTRIBUTES

268       See attributes(5) for descriptions of the following attributes:
269
270
271
272
273       ┌─────────────────────────────┬─────────────────────────────┐
274       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
275       ├─────────────────────────────┼─────────────────────────────┤
276       │Availability                 │SUNWnisu                     │
277       └─────────────────────────────┴─────────────────────────────┘
278

SEE ALSO

280       svcs(1),  nis_cachemgr(1M), nisauthconf(1M), nisinit(1M), nissetup(1M),
281       nisldapmaptest(1M),  nslookup(1M),  rpc.nisd_resolv(1M),   rpc.nispass‐
282       wdd(1M), svcadm(1M), syslogd(1M), nis_modify(3NSL), NIS+LDAPmapping(4),
283       netconfig(4), nisfiles(4),   resolv.conf(4),  rpc.nisd(4),  ypfiles(4),
284       attributes(5), smf(5), ticots(7D)
285

NOTES

287       NIS+ might not be supported in future releases of the Solaris Operating
288       system. Tools to aid the migration from NIS+ to LDAP are  available  in
289       the    current   Solaris   release.   For   more   information,   visit
290       http://www.sun.com/directory/nisplus/transition.html.
291
292
293       The rpc.nisd service is managed by  the  service  management  facility,
294       smf(5), under the service identifier:
295
296         svc:/network/rpc/nisplus:default
297
298
299
300
301       Administrative actions on this service, such as enabling, disabling, or
302       requesting restart, can be performed using  svcadm(1M).  The  service's
303       status can be queried using the svcs(1) command.
304
305
306
307SunOS 5.11                        13 Aug 2004                     rpc.nisd(1M)
Impressum