Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
rpc.nisd(1M)		System Administration Commands		  rpc.nisd(1M)

       rpc.nisd, nisd -	NIS+ service daemon

       /usr/sbin/rpc.nisd  [-ACDFhlv]  [  -Y [ -B [-t netid]]] [-d dictionary]
       [-L load] [-S level] [-m	mappingfile]  [-x attribute=value]... [-z num-

       The  rpc.nisd  daemon  is an RPC	service	that implements	the  NIS+ ser-
       vice. This daemon must be running on all	machines that serve a  portion
       of the NIS+ namespace.

       rpc.nisd	is usually started from	a system startup script.

       The   -B	  option  causes  rpc.nisd  to	start  an  auxiliary  process,
       rpc.nisd_resolv,	which provides ypserv compatible  DNS  forwarding  for
       NIS  host  requests. rpc.nisd_resolv can	also be	started	independently.
       See  rpc.nisd_resolv(1M)	for more information on	using  rpc.nisd_resolv

       The /etc/default/rpc.nisd file contains the following default parameter
       settings. See FILES.

	     Specifies whether the server is put into NIS  (YP)	 compatibility
	     mode.  ENABLE_NIS_YP_EMULATION=YES	 is  equivalent	to the -Y com-
	     mand-line option. The default value  for  ENABLE_NIS_YP_EMULATION
	     is	NO.

       -A    Authentication verbose mode.  The daemon logs all the authentica-
	     tion related activities to	 syslogd(1M) with LOG_INFO priority.

       -B    Provide ypserv compatible DNS forwarding for  NIS host  requests.
	     The  DNS resolving	process,  rpc.nisd_resolv, is started and con-
	     trolled by	 rpc.nisd. This	option	requires  that	the   /etc/re-
	     solv.conf	file be	setup for communication	with a DNS nameserver.
	     The  nslookup utility can be used to verify communication with  a
	     DNS nameserver.  See resolv.conf(4) and  nslookup(1M).

       -C    Open diagnostic channel on	/dev/console.

       -D    Debug mode. Do not	fork.

       -d dictionary
	     Specify  an  alternate dictionary for the NIS+ database. The pri-
	     mary use of this option is	for testing. Note that the  string  is
	     not  interpreted, rather it is simply passed to the db_initialize

       -F    Force the server to do a  checkpoint  of  the  database  when  it
	     starts  up. Forced	checkpoints may	be required when the server is
	     low on disk space.	This option removes updates from the  transac-
	     tion log that have	propagated to all of the replicas.

       -h    Print list	of options.

       -L number
	     Specify  the ``load'' the NIS+ service is allowed to place	on the
	     server. The load is specified in terms of the   number  of	 child
	     processes	that the server	may spawn. The value of	number must be
	     at	least 1	for the	callback functions to work correctly. The  de-
	     fault is 128.

       -m mappingfile
	     Specify  the  name	of a configuration file	that maps NIS+ objects
	     (especially tables	and columns) to	LDAP (entries and attributes).
	     See NIS+LDAPmapping(4). The default path is /var/nis. The default
	     mapping  file  is	NIS+LDAPmapping.  If  this  file  exists,  the
	     rpc.nisd  daemon will map data to and from	LDAP.  A template map-
	     ping file that covers the normal NIS+ directories and  tables  is
	     installed as /var/nis/NIS+LDAPmapping.template.

	     A NIS+ object must	have a valid mapping entry in the mapping file
	     in	order to have data for that table read from or written to  the
	     LDAP repository.

	     The  rpc.nisd(4) file contains specifications for LDAP server ad-
	     dresses,  LDAP  authentication  method,   and   the   like.   See
	     NIS+LDAPmapping(4)	 for  an overview of the setup you need	to map
	     NIS+ data to or from LDAP.

       -S  level
	     Set the authorization security level of the service. The argument
	     is	 a number between 0 and	2.  By default,	the daemon runs	at se-
	     curity level 2.

	     0	   Security level 0 is designed	to be  used  for  testing  and
		   initial setup of the	 NIS+ namespace. When running at level
		   0, the daemon does not enforce any  access  controls.   Any
		   client  is  allowed to perform any operation, including up-
		   dates and deletions.

	     1	   At security level 1,	the daemon accepts both	  AUTH_SYS and
		   AUTH_DES  credentials for authenticating clients and	autho-
		   rizing them to perform NIS+ operations.
		    This is not	a secure mode of operation since AUTH_SYS cre-
		   dentials are	easily forged.	 It should not be used on net-
		   works in which any untrusted	users may potentially have ac-

	     2	   At security level 2,	the daemon only	accepts	authentication
		   using  the  security	 mechanisms  configured	 by   nisauth-
		   conf(1M).  The default security mechanism is	 AUTH_DES. Se-
		   curity level	2 is the default if  the   -S  option  is  not

       -t netid
	     Use   netid  as the transport for communication between  rpc.nisd
	     and  rpc.nisd_resolv. The default transport is  ticots(7D)	(  tcp
	     on	SunOS 4.x systems).

       -v    Verbose.  With this option, the daemon sends a running  narration
	     of	what it	is doing to the	syslog daemon	(see  syslogd(1M))  at
	     LOG_INFO priority.	This option is most useful for debugging prob-
	     lems with the service. See	also -A	option.

       -x attribute=value
	     Specify the value of the named attribute. Attributes that control
	     the NIS+ to LDAP mapping operation	are derived as follows:

	     1.	Retrieve from LDAP.

	     2.	Override  with values from the mappingfile, if any. See	the -m

	     3.	Override with values from the command line -x options.

       See NIS+LDAPmapping(4) and rpc.nisd(4) for  the	recognized  attributes
       and their syntax.

	     As	 a special case, you can use the nisplusLdapConfig* attributes
	     to	derive additional information from LDAP. You can only  specify
	     the  nisplusLdapConfig*  attributes in rpc.nisd(4)	or by means of
	     the command line.

       -Y    Put the server into NIS (YP) compatibility	mode.  When  operating
	     in	 this  mode, the NIS+ server will respond to NIS Version 2 re-
	     quests using the version 2	protocol. Because the YP  protocol  is
	     not  authenticated, only those items that have read access	to no-
	     body (the unauthenticated request)	will be	visible	through	the V2
	     protocol.	It  supports  only the standard	Version	2 maps in this
	     mode (see	-B option and NOTES in ypfiles(4)). See	FILES.

       -z number
	     Specify the maximum RPC record size that can be used over connec-
	     tion oriented transports. The default is 9000 bytes. If you spec-
	     ify a size	less than the default value, the default value will be
	     used instead.

       Example 1: Setting  up the  NIS+	Service

       The following example sets up the NIS+ service.

       example%	rpc.nisd

       Example 2: Setting Up NIS+ Service Emulating YP With DNS	Forwarding

       The  following example sets up the  NIS+	service, emulating YP with DNS

       example%	rpc.nisd -YB

       Example 3: Specifying NIS+ and LDAP Mapping Information

       The following example shows how to specify that all additional NIS+ and
       LDAP  mapping information should	be retrieved from DN "dc=x,dc=y,dc=z",
       from the	LDAP server at IP address, port	389. The examples uses
       the  simple  authentication  method  and	the cn=nisplusAdmin,ou=People,
       proxy user. The -m option is omitted for	clarity	in this	example..

       -x nisplusLDAPconfigDN=dc=x,dc=y,dc=z \
       -x nisplusLDAPconfigPreferredServerList= \
       -x nisplusLDAPconfigAuthenticationMethod=simple \
       -x nisplusLDAPconfigProxyUser=cn=nisplusAdmin,ou=People,	\
       -x nisplusLDAPconfigProxyPassword=xyzzy

	     The transports that the NIS+ service will use can be  limited  by
	     setting this environment variable.	See  netconfig(4).

	     This file describes the  namespace	 that is  logically  above the
	     NIS+ namespace. The most common type of parent object  is	a  DNS
	     object.   This  object contains contact information for a	server
	     of	 that domain.

	     This file describes the root object of the	NIS+   namespace.   It
	     is	  a   standard	XDR-encoded NIS+  directory object that	can be
	     modified  by  authorized clients using the	 nis_modify(3NSL)  in-

	     Initialization script for NIS+.

	     LDAP  connection  and  general  rpc.nisd  configuration.  You can
	     override some of the settings by command-line options.

	     Default path for LDAP mapping file. See the discussion of the  -m

       See attributes(5) for descriptions of the following attributes:

       |      ATTRIBUTE	TYPE	     |	    ATTRIBUTE VALUE	   |
       |Availability		     |SUNWnisu			   |

       nis_cachemgr(1M),     nisauthconf(1M),	 nisinit(1M),	 nissetup(1M),
       nisldapmaptest(1M),  nslookup(1M),  rpc.nisd_resolv(1M),	  rpc.nispass-
       wdd(1M),	 syslogd(1M),  nis_modify(3NSL),  NIS+LDAPmapping(4),  netcon-
       fig(4),	nisfiles(4),   resolv.conf(4),	rpc.nisd(4),  ypfiles(4),  at-
       tributes(5), ticots(7D)

       NIS+ might not be supported in future releases of the SolarisTM Operat-
       ing Environment.	Tools to aid the  migration  from  NIS+	 to  LDAP  are
       available in the	Solaris	9 operating environment. For more information,

SunOS 5.9			  4 Jan	2002			  rpc.nisd(1M)


Want to link to this manual page? Use this URL:

home | help