Certification Summary

Solaris supports a number of naming services to maintain network information on servers, which serve this information to the clients. DNS is the naming service running on the Internet to support TCP/IP networks. DNS makes communication simpler by using machine names (called domain names) instead of numerical IP addresses, whereas the focus of NIS is on making network administration more manageable and less error prone by providing centralized control over a variety of network information such as machine names, machine addresses, user names, and network services. Whereas NIS was developed in a proprietary environment, LDAP is based on an open standard and is poised to eventually replace NIS. Both LDAP and NIS+ offer security features. The nsswitch.conf file is used to coordinate the use of different naming services on your system.

You can use the ypinit command to set up the master server, the slave servers, and the clients for NIS. NIS is an SMF service under the identifier /network/nis/server and therefore can be started (enabled), stopped (disabled), or restarted by using the svcadm command. The NIS information is stored in files called maps in ndbm format. The maps are created and updated only on the master server from which they are propagated automatically to the slave servers. You can set up the LDAP client with the ldapclient command. The DNS client configuration information resides in the file resolv.conf. The naming service cache daemon, nscd, provides caching service for most common naming service requests. This daemon is managed by the SMF under the identifier system/name-service-cache and therefore can be started or stopped with the svcadm command, although initially it is automatically started at the boot time.

In addition to naming services, Solaris offers another important network service called network file system, which allows machines on a network to share files. This topic, along with some other issues related to file systems, is discussed in the next chapter.

Inside the Exam

Comprehend

• The nsswitch.nis, nsswitch.nisplus, nsswitch.ldap, and nsswitch.files are the templates for the corresponding naming services, and if during install you select a naming service, the corresponding file will be copied to nsswitch.conf file, Therefore, it is the nsswitch.conf file, but not any of these templates, that is used by the client.

• If you create an NIS map on a slave server, it will never be automatically pushed to the master server or other slave servers.

• NIS is an SMF service under the identifier network/nis/server, so it can be administered by using the svcadm command.

Look Out

• Make sure that the source password file on the NIS master server that will be used to make the password map file does not have an entry for the root.

• LDAP client and NIS client cannot coexist on the same machine.

• An LDAP server cannot be its own client—that is, you cannot configure a machine that is already running LDAP server to be an LDAP client.

• Null passwords are not allowed in LDAP.

Memorize

• The clients use the nsswitch.conf file to find out which naming service to use for a specific information type. You may list more than one naming service for an information type in this file.

• When you designate a machine as an NIS server during installation, a Makefile is stored in the /var/yp directory.

• The make command uses the Makefile to find out where the source files are, and runs makedbm to convert the source files to the NIS maps.