[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-sun
Subject:    Re: NIS+ migration
From:       Eva Brucherseifer <eva () RT ! E-TECHNIK ! TU-DARMSTADT ! DE>
Date:       2000-04-28 8:56:09
[Download RAW message or body]

> 
> 	Though this is not a security problem per se, I thought this would
> be a good place to ask if anyone is running NIS+, and is willing to share
> some insights/problems they have with it.  The Comp Sci department plans
> on migrating from NIS this summer, and I will be heading up the change, and
> education of faculty/students on what differences they will see.
> 

We are running NIS+ since years now and I took over administration about
1,5 years ago. Well, I heard there were big problems with Solaris 2.4, they
had to "repair" NIS+ quite often. With Solaris 2.5.1 there were very small
problems. Since August last year (we had hackers...) I am running Solaris 7
and I had some problems especially with inconsistencies between the root master
and the replicas. They became worse and worse and 3 weeks ago, the master
NIS+ server nearly crashed, because some replicas weren't OK. I repaired the
NIS+ master and reconfigured the clients *and* patched the machines with patch
106942-03 which doesn't come with the recommended patches (why not???).
Since then everything is pretty OK.

Generally I have to say that NIS+ is pretty easy to administer. We are using
the automounter (great stuff!) for home directories and software, which is
spread over the whole system. NIS+ works, although we have two sites and until
some weaks ago, we had only a slow telephone line inbetween. Now the information
goes through the whole university and I am happy about DES encryption. By the
way - does anyone see any security problems here?

With the documentation part you are right. The answerbook part "NIS+ Transition \
Guide", "Solaris Naming Administration Guide", "Solaris Naming Setup and \
Configuration Guide" are quite good for an introduction about how it works and about \
the commands, but it isn't a good help when analysing problems. There is a FAQ that \
tries to offer some recepies, but some parts are definitly buggy. I talked to someone \
who tried the SUN support, but they just gave him the same FAQ and weren't a great \
help. So, my advise is: Read the answerbook about the mechanisms, if you have
problems, try to figure out what is reasonable and do it, and - sometimes it
is better to start from the scratch, than trying to repair.
Some of these links are at
http://www.rt.e-technik.tu-darmstadt.de/~eva/sun.html

We have about 15 SUNs, all Solaris 7, with 15 active users and about
30 inactive users at 2 sites.
We are thinking now about using Solstice Networks Client for including the
Windows PCs into NIS+ namespace. Or is samba better? How about the security?

Gruesse,

eva

---------------------------------------------------------------
Dipl.Ing. Eva Brucherseifer
Darmstadt University of Technology,
Institute for Automatic Control, Control Theory and Robotics Lab
Landgraf-Georg-Str. 5, 64283 Darmstadt
phone: +49 - 6151 - 16-3642        fax: +49 - 6151 - 16-2507
email: eva@rt.e-technik.tu-darmstadt.de
http://www.rt.e-technik.tu-darmstadt.de/~eva

vote against spam:
http://www.politik-digital.de/spam/


[prev in list] [next in list] [prev in thread] [next in thread]