[NTLUG:Discuss] NIS capabilities? - noobie

Chris Cox cjcox at acm.org
Thu Apr 9 09:34:49 CDT 2009 

On Thu, 2009-04-09 at 14:48 +0530, namit.bhalla at wipro.com wrote:
> Hi,
> I am completely new to the concept of NIS and wish to know what all can
> be done using NIS.
> >From what I have read so far, NIS can be used to allow any user to log
> on to any client system 
> on a network by having a central database of the passwd files etc.
> I have also read that NIS can be used to "share a common set of
> configuration files". 
> Could someone please clarify what kind of central configuration is
> possible using NIS?
> How can an admin "control" the users in a domain using NIS? For
> instance, in Windows, the 
> admin can use Active Directory to establish a common date format for all
> clients.
> Can NIS be used for such purposes.

No.  NIS presents simple key-value "maps" from a centralized
location (does support a master-slave paradigm) which can be
used by clients programs that understand how to pull that
data.  There ARE tools that come with NIS that can be used to
pull the key-value maps and store them somewhere (so a cheap
arbitrary distribution mechanism can be built when certain
clients don't understand NIS but can read from a file).

So... what all understands NIS?  Good question.  If you have
services that are PAM aware... then they are NIS aware, but NIS
aware for PAM mainly means users (passwd map) and groups (group map)..
and possibly netgroups (special map that contains groups lists of users
and/or hosts that can be used to allow/deny etc access).

With NIS it's easy to setup users and groups that can be used
across all *ix systems.  You can think of it like /etc/passwd
and /etc/group, except one source of that for all machines.

Another popular thing is to push "auto" maps through NIS.  This are
files that can be used by the autofs (autmounter) process on
*ix boxes to control (usually) the NFS client mounts for boxes.

You often see the two ideas (users/groups and autofs) used to
create a common set of users and their home directories across
a network.  Thus, I log in as "chris" and I always see the same
home directory, no matter which box I'm accessing.

NIS existed before DNS (as far as Sun is concerned), so NIS
CAN push out a host map (think of /etc/hosts).  But IMHO, don't
do that, use DNS instead.

Most mail clients can honor a NIS aliases map for mail aliases... but
again, that's probably handled somewhere else.

I guess, all in all, it's not an easy question to give a pat
answer to.  You CAN do quite a lot with NIS (really... you can).
But, in general, unless you want to spend a lot of time on
each and every client, the safest most portable and useful things
you can use NIS for are making user/groups and automounter maps
available throughout the network.

More information about the Discuss mailing list